urlscan.io logo urlscan.io
SecurityTrails logo

ntn.ua Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://ntn.ua/uk/
Submission: On October 14 via manual from UA — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 13 countries across 53 domains to perform 275 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ntn.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 12th 2022. Valid for: a year.
This is the only time ntn.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
64 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a0c:5c81:512... 55081 (24SHELLS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 45.133.44.3 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 52.48.190.42 16509 (AMAZON-02)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 54.37.238.28 16276 (OVH)
3 2001:4860:480... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
31 2a03:2880:f01... 32934 (FACEBOOK)
1 96.16.135.39 16625 (AKAMAI-AS)
5 2a03:2880:f11... 32934 (FACEBOOK)
6 2a0c:5c81:514... 55081 (24SHELLS)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
1 194.247.175.23 196831 (BEMOBILE-AS)
4 194.247.175.25 196831 (BEMOBILE-AS)
1 69.192.160.219 16625 (AKAMAI-AS)
1 146.59.30.96 16276 (OVH)
2 2 35.156.3.122 16509 (AMAZON-02)
2 62.149.1.122 15497 (COLOCALL ...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 51.83.220.94 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
3 194.247.175.19 196831 (BEMOBILE-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 34.98.64.218 396982 (GOOGLE-CL...)
1 178.250.0.165 44788 (ASN-CRITE...)
1 185.184.8.90 204995 (RTB-HOUSE...)
3 2602:803:c003... 26667 (RUBICONPR...)
1 216.52.2.39 32475 (SINGLEHOP...)
15 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 26 172.217.23.98 15169 (GOOGLE)
4 8 185.80.39.216 27381 (CASALE-MEDIA)
4 6 185.89.211.84 29990 (ASN-APPNEX)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 2 213.155.156.168 1299 (TWELVE99 ...)
2 2 52.19.188.75 16509 (AMAZON-02)
3 3 213.19.147.44 3356 (LEVEL3)
2 2 18.156.0.31 16509 (AMAZON-02)
2 4 51.89.9.253 16276 (OVH)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 66.155.71.25 13768 (COGECO-PEER1)
1 1 35.186.193.173 15169 (GOOGLE)
3 3 37.157.4.25 198622 (ADFORM)
2 2 76.223.111.18 16509 (AMAZON-02)
4 142.250.186.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
1 141.95.98.65 16276 (OVH)
2 23.205.235.133 16625 (AKAMAI-AS)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 15.197.193.217 16509 (AMAZON-02)
6 8 69.173.144.165 26667 (RUBICONPR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 3 52.94.220.185 16509 (AMAZON-02)
2 3 52.46.155.104 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
275 57
64    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
ntn.ua
1    2a0c:5c81:5120::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
d.adtelligent.com
1    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
7    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    52.48.190.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-190-42.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    2606:4700:3038::6815:e9e1 (United States)

ASN13335 (CLOUDFLARENET, US)
inter.ua
4    54.37.238.28 (Poland)

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu
gaua.hit.gemius.pl
3    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.nl
googleads.g.doubleclick.net
31    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
1    96.16.135.39 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-135-39.deploy.static.akamaitechnologies.com
tags.bkrtx.com
5    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
1    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
1    194.247.175.23 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
source.mmi.bemobile.ua
4    194.247.175.25 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
juke.mmi.bemobile.ua
sslpagestat.mmi.bemobile.ua
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu
ls.hit.gemius.pl
2    35.156.3.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-3-122.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
2    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
1    2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    194.247.175.19 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adtelligent-d.openx.net
eu-u.openx.net
us-u.openx.net
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
3    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
15    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
20    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
26    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
cm.g.doubleclick.net
8    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
6    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    213.155.156.168 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
2    52.19.188.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-188-75.eu-west-1.compute.amazonaws.com
match.360yield.com
3    213.19.147.44 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
8    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2a05:d018:d29:3602:9a19:4aca:1a41:e6f4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
64 ntn.ua
ntn.ua
1 MB
40 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
245 KB
35 googlesyndication.com
bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
201 KB
29 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 713
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 420
562 KB
16 adtelligent.com
d.adtelligent.com — Cisco Umbrella Rank: 625756
player.adtelligent.com — Cisco Umbrella Rank: 6415
ghb.adtelligent.com — Cisco Umbrella Rank: 6449
sync.adtelligent.com — Cisco Umbrella Rank: 4288
ghb1.adtelligent.com — Cisco Umbrella Rank: 7221
276 KB
15 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
369 KB
13 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
eus.rubiconproject.com — Cisco Umbrella Rank: 596
token.rubiconproject.com — Cisco Umbrella Rank: 682
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
16 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
6 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2786
9 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
4 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
6 KB
6 openx.net
adtelligent-d.openx.net — Cisco Umbrella Rank: 27311
eu-u.openx.net — Cisco Umbrella Rank: 1878
us-u.openx.net — Cisco Umbrella Rank: 409
2 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 bemobile.ua
source.mmi.bemobile.ua — Cisco Umbrella Rank: 290024
juke.mmi.bemobile.ua — Cisco Umbrella Rank: 514209
sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 303027
21 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
29 KB
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 54979
ls.hit.gemius.pl — Cisco Umbrella Rank: 12601
20 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
975 B
3 gstatic.com
fonts.gstatic.com
47 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 627
2 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
1 KB
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 121219
4 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
529 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
57 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 373
962 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2893
791 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4553
646 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1500
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 729
859 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
93 KB
2 google.nl
adservice.google.nl — Cisco Umbrella Rank: 14180
914 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 923
1 KB
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 160126
i.bigmir.net — Cisco Umbrella Rank: 350946
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
111 KB
2 inter.ua
inter.ua
447 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 508
393 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
85 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
710 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
644 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471
616 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 40043
610 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
191 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2865
104 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1094
574 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
640 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6233
168 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8894
257 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 504
256 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 3499
16 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 801
2 KB
275 53
Domain Requested by
64 ntn.ua ntn.ua
27 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
26 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
eu-u.openx.net
20 pagead2.googlesyndication.com securepubads.g.doubleclick.net
bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
15 s0.2mdn.net ntn.ua
s0.2mdn.net
bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
7 player.adtelligent.com ntn.ua
player.adtelligent.com
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
5 ghb.adtelligent.com player.adtelligent.com
5 www.facebook.com ntn.ua
static.xx.fbcdn.net
5 securepubads.g.doubleclick.net ntn.ua
securepubads.g.doubleclick.net
4 pixel.rubiconproject.com 2 redirects
4 token.rubiconproject.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 googleads4.g.doubleclick.net ntn.ua
4 onetag-sys.com 2 redirects bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
4 googleads.g.doubleclick.net bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
ntn.ua
4 gaua.hit.gemius.pl 1 redirects ntn.ua
gaua.hit.gemius.pl
3 s.amazon-adsystem.com 2 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 eu-u.openx.net player.adtelligent.com
eu-u.openx.net
3 mug.criteo.com
3 fonts.gstatic.com fonts.googleapis.com
3 c1.adform.net 3 redirects
3 www.google.com bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 sslpagestat.mmi.bemobile.ua source.mmi.bemobile.ua
3 fastlane.rubiconproject.com player.adtelligent.com
3 bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 pa.tns-ua.com source.mmi.bemobile.ua
pa.tns-ua.com
ntn.ua
3 www.google-analytics.com player.adtelligent.com
www.google-analytics.com
2 match.adsrvr.org eu-u.openx.net
2 us-u.openx.net eu-u.openx.net
2 eus.rubiconproject.com player.adtelligent.com
eus.rubiconproject.com
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 eb2.3lift.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 sync.1rx.io 2 redirects
2 match.360yield.com 2 redirects
2 d5p.de17a.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 cms.quantserve.com 1 redirects bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
2 www.googletagservices.com bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.nl securepubads.g.doubleclick.net
2 csync.loopme.me player.adtelligent.com
2 sync.adtelligent.com player.adtelligent.com
ntn.ua
2 rtb.mfadsrvr.com 2 redirects
2 scontent.xx.fbcdn.net www.facebook.com
2 connect.facebook.net ntn.ua
connect.facebook.net
2 inter.ua 1 redirects ntn.ua
2 match.prod.bidr.io 1 redirects ntn.ua
2 www.googletagmanager.com ntn.ua
1 px.ads.linkedin.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 id5-sync.com player.adtelligent.com
1 fonts.googleapis.com s0.2mdn.net
1 gcm.ctnsnet.com 1 redirects
1 pixel-sync.sitescout.com bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
1 dclk-match.dotomi.com bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ap.lijit.com player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 ghb1.adtelligent.com player.adtelligent.com
1 bidder.criteo.com player.adtelligent.com
1 adtelligent-d.openx.net player.adtelligent.com
1 stats.g.doubleclick.net www.google-analytics.com
1 a4p.adpartner.pro 1 redirects
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 stags.bluekai.com tags.bkrtx.com
1 juke.mmi.bemobile.ua ntn.ua
1 source.mmi.bemobile.ua ntn.ua
1 i.bigmir.net ntn.ua
1 c.bigmir.net 1 redirects
1 tags.bkrtx.com ntn.ua
1 unpkg.com ntn.ua
1 d.adtelligent.com ntn.ua
275 78
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-12 -
2023-03-11		 a year crt.sh
d.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-09-25 -
2022-12-24		 3 months crt.sh
player.adtelligent.com
R3		 2022-09-18 -
2022-12-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-09-13 -
2023-09-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-24 -
2022-10-22		 3 months crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.mmi.bemobile.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-01-14 -
2023-02-03		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-09-26 -
2022-12-25		 3 months crt.sh
juke.mmi.tns-ua.com
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-07 -
2023-01-05		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 25 frames:

Primary Page: https://ntn.ua/uk/
Frame ID: 4EE5645E5D1ECD6DFD6C4C6B2FADF47C
Requests: 128 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flikebox.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fntn.channel%26width%26height%3D260%26colorscheme%3Dlight%26show_faces%3Dtrue%26header%3Dtrue%26stream%3Dfalse%26show_border%3Dfalse%26appId%3D219434378199819
Frame ID: 08D3573BC0DC76119E61F27523523ADB
Requests: 32 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/79386?ret=html&phint=__bk_t%3D%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fntn.ua%2Fuk%2F&phint=__bk_v%3D3.1.10&limit=1&r=62387479
Frame ID: D93F73C8AE295B256692BEB7F1219E73
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 777D3BCC38E1603B00936D3C46880CAF
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=a44a9126-976d-4c9f-93a2-90f02ddf8c85
Frame ID: 8DAFD6256254237D2EFD8767C3F3EE03
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Frame ID: 56B1FDB5AE643E7DE5FD24E323EE2C71
Requests: 1 HTTP requests in this frame

Frame: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FDA05FA755324F3ADD29C44D39F766A5
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: 93E5C5BF9143383797C32710E106F431
Requests: 1 HTTP requests in this frame

Frame: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 26820795EDF118D1339532DAE88FA82D
Requests: 17 HTTP requests in this frame

Frame: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A432B26FEA23307C33669663A1DB9497
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLitHRCGn0cY2aGp1AEwAQ&v=APEucNVjM5yTfgZYDbFftHxipt1sgVQWz5n1UpBO4uUm5hiEYQrog5ItRjUpfohqeIgw_IL0Ijl4dZaIYLPOo_L0IVNJvm9mOtniNpzl1vaWOdjSLY7DS8SlLC4dFV8F8R4RIaFoAH-6_gCX_S5EhJLNOu2FF29kaTrPv7s_J8IILVWEQE8_y2E
Frame ID: B89C721E5A846A8D50AF2AEB3E50C941
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYoa-lwAEwAQ&v=APEucNWMWE1ExmDzJPJ71zrgdGnVo8bq5OL69NAV_SNc3t2Ms5OWWrGLNoFbBE3iLGw_Hf7lkkyVxizQPyPlf2oBnEunFYN6HSEsu29O2_CmV4Hluy_fgWktMGcirCUv2sgULHyH7pUUExGu1OOVJubPJ_4AsDHxeZXtNJ74SX1Dw1ZTMHDgtsg
Frame ID: 4B196BCB8FD637FBE04DC3AFE66AD37A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6D3903D2DBE31B0AFF6537DACBAD677A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6277E627CDE0887A5DA0EBEAD8B2B0B2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5BB40638FC5F76AFE7EB6AE2016B9145
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E4DFC52AFB3A7BDF1AE58AF7A6E3F41
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4E78A21E20D8952B1D3CE6AA4C656B93
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9FD2EADCABA136910AB661E7D2A7B280
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
Frame ID: 83176509A9C664EEA05EC0CD429F3007
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16640814650698498048/CR_popcornews.com_BL_NL_PC_Nongoogle_creative.html
Frame ID: CEDB0B4CA8E694B7AD5E172C01122AED
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: 3A0E9F651D65A416795336602948354B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ntn.ua
Frame ID: C621D699BD3A49CCDFF3D76B9F37AC1C
Requests: 2 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Frame ID: EA71BAC84EC979755F0709342C0C7B3F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 3BBB4D21E1E5E0EE28C061F5974ADBF9
Requests: 10 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Frame ID: A66B3595C7810C951C0BA10777A7A3FA
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Телеканал НТН

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

275
Requests

86 %
HTTPS

42 %
IPv6

53
Domains

78
Subdomains

57
IPs

13
Countries

3563 kB
Transfer

8825 kB
Size

61
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://match.prod.bidr.io/cookie-sync/atg HTTP 303
  • https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1
Request Chain 42
  • https://inter.ua/uk/announce/channel/3 HTTP 301
  • https://inter.ua/ua
Request Chain 80
  • https://c.bigmir.net/?v88708&s89294&t3&c1&n507424&w0&y0&d24&r1600 HTTP 302
  • https://i.bigmir.net/cnt/03.png
Request Chain 116
  • https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=a44a9126-976d-4c9f-93a2-90f02ddf8c85
Request Chain 118
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=9591dedf-1120-4045-8ea4-e2d33ba3b18c
Request Chain 140
  • https://gaua.hit.gemius.pl/_1665766658207/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fntn.ua%2Fuk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=CoVw_FSfnxNY6aPmw0CmAn7qkkirzUoJhx4bKbYJCar.K7Ug9GoHEY.k6eSqmbyUb7BD6sxg1CBhCGTxdnTo1_poEy_g/aLYSlxvzYhfkA/&ltime=324&fpdata=wVd764c9CMRkOFz53C1iM_xfJagY4jistMxCQAp89Ar.n7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1665766658207/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fntn.ua%2Fuk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=CoVw_FSfnxNY6aPmw0CmAn7qkkirzUoJhx4bKbYJCar.K7Ug9GoHEY.k6eSqmbyUb7BD6sxg1CBhCGTxdnTo1_poEy_g/aLYSlxvzYhfkA/&ltime=324&fpdata=wVd764c9CMRkOFz53C1iM_xfJagY4jistMxCQAp89Ar.n7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
Request Chain 174
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0mVA70QpDBDEc1OCq6wqgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP9jyqXYe6u9TNbe3S7vS5E&google_cver=1
Request Chain 176
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzk0NDQzMzI1NzIwNjMzMg%3D%3D
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
Request Chain 178
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0mVA70QpDBDEc1OCq6wqgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP9jyqXYe6u9TNbe3S7vS5E&google_cver=1
Request Chain 180
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgxODQ3Njk0NzI5MDIwNTc3
Request Chain 195
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMM8X_au0adVeahfM0AT7zo&google_cver=1&google_push=AZmPxg_ianK3iDQYbPL_5ZHwm583oOvj7rBANNbcNd9PLFQ24VhNi95fQjySVH-PforYmV4tpgRZZQs78vM8QXK_3io4S_az-3E1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDQxMzMyMzE4MjAxMjU3MA%3D%3D&google_push=AZmPxg_ianK3iDQYbPL_5ZHwm583oOvj7rBANNbcNd9PLFQ24VhNi95fQjySVH-PforYmV4tpgRZZQs78vM8QXK_3io4S_az-3E1
Request Chain 196
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECpAU5lwotEOfJNOkrSL5RY&google_cver=1&google_push=AZmPxg9zfJkOxw83FbsGciFFHR8JNxLctzBBPYk2vs2yK9skLqtuPrhQvMRMiC6uCRxWcNoJV0sQinqe7vAVybP830l1MuTzyVR3 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECpAU5lwotEOfJNOkrSL5RY&google_cver=1&google_push=AZmPxg9zfJkOxw83FbsGciFFHR8JNxLctzBBPYk2vs2yK9skLqtuPrhQvMRMiC6uCRxWcNoJV0sQinqe7vAVybP830l1MuTzyVR3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9zfJkOxw83FbsGciFFHR8JNxLctzBBPYk2vs2yK9skLqtuPrhQvMRMiC6uCRxWcNoJV0sQinqe7vAVybP830l1MuTzyVR3
Request Chain 197
  • https://match.360yield.com/match/ebda?google_gid=CAESEO_FR2v4BTJqE1t3LW5EkXY&google_cver=1&google_push=AZmPxg-VDDZpQqEkLq5QoLnVwB-FYcK1vd9E3clW1X9nxV1fZTkmeuZv2h4_YBIIAxSGp7paVmbHZeq6wSrsCSf-vZnxrZ4ISJk HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO_FR2v4BTJqE1t3LW5EkXY&google_cver=1&google_push=AZmPxg-VDDZpQqEkLq5QoLnVwB-FYcK1vd9E3clW1X9nxV1fZTkmeuZv2h4_YBIIAxSGp7paVmbHZeq6wSrsCSf-vZnxrZ4ISJk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=F5AzswoXR9itB7TBw8ITFA&google_push=AZmPxg-VDDZpQqEkLq5QoLnVwB-FYcK1vd9E3clW1X9nxV1fZTkmeuZv2h4_YBIIAxSGp7paVmbHZeq6wSrsCSf-vZnxrZ4ISJk
Request Chain 198
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP5x2fTOMl8ORnhjMgrMlCE&google_cver=1&google_push=AZmPxg_0EOP6iJPge_gz1eFu6WAAqh-gBsF9xY7g-t_5_ypEvHThrp0RwfS0OKQLMsx9nHCQd_gfN__0X6xsrJVrSBexPJSrWDbB HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_0EOP6iJPge_gz1eFu6WAAqh-gBsF9xY7g-t_5_ypEvHThrp0RwfS0OKQLMsx9nHCQd_gfN__0X6xsrJVrSBexPJSrWDbB&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1665766659259 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9383c857-7f26-445f-a1e1-7af445270f09-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_0EOP6iJPge_gz1eFu6WAAqh-gBsF9xY7g-t_5_ypEvHThrp0RwfS0OKQLMsx9nHCQd_gfN__0X6xsrJVrSBexPJSrWDbB%26google_hm%3DA5ODyFd_JkRfoeF69EUnDwk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_0EOP6iJPge_gz1eFu6WAAqh-gBsF9xY7g-t_5_ypEvHThrp0RwfS0OKQLMsx9nHCQd_gfN__0X6xsrJVrSBexPJSrWDbB&google_hm=A5ODyFd_JkRfoeF69EUnDwk
Request Chain 199
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFWlTsg7_T4vdUf8PQkTsNA&google_cver=1&google_push=AZmPxg_MsUr4-dJVFW3vyO52gmb5710Mcu9sYk2HzpHKRcwuP01XFEpp8cBTRJl09-8ysEQyjOZCrYdjgmO0hhSYA-SQtI60a_EZlQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFWlTsg7_T4vdUf8PQkTsNA&google_cver=1&google_push=AZmPxg_MsUr4-dJVFW3vyO52gmb5710Mcu9sYk2HzpHKRcwuP01XFEpp8cBTRJl09-8ysEQyjOZCrYdjgmO0hhSYA-SQtI60a_EZlQ&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZTVkbjNoRTJ1RjRCc29qNlRYRFVMdFVKeWlCQ0NXMX5B&google_push=AZmPxg_MsUr4-dJVFW3vyO52gmb5710Mcu9sYk2HzpHKRcwuP01XFEpp8cBTRJl09-8ysEQyjOZCrYdjgmO0hhSYA-SQtI60a_EZlQ
Request Chain 200
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN7pMzgL_ikk7HVEav53v1w&google_cver=1&google_push=AZmPxg-yQRw-1xQYgsTdIjdJkONGn7kPpVsRY9tDKluY3tbLpWu48EAOr14OlqYipFx_j3hZGaEP0vK1BXgoG5WK7B666gIS55Vq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-yQRw-1xQYgsTdIjdJkONGn7kPpVsRY9tDKluY3tbLpWu48EAOr14OlqYipFx_j3hZGaEP0vK1BXgoG5WK7B666gIS55Vq HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 204
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHWG71cwLTA_M5srkInbfNM&google_cver=1&google_push=AZmPxg9skXU30saz8l11R6dNCm90K04ivFlMSMiB5HQZv3cquYgdj4UosPBX4B0IGVUDPGEStb4imOXXjXepl68WbY1ICdRyrdDkFg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg9skXU30saz8l11R6dNCm90K04ivFlMSMiB5HQZv3cquYgdj4UosPBX4B0IGVUDPGEStb4imOXXjXepl68WbY1ICdRyrdDkFg&google_hm=ekImPyRxQD2v_-B1KexuuJM
Request Chain 205
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMM8X_au0adVeahfM0AT7zo&google_cver=1&google_push=AZmPxg8k1lEeatnsEjKmJ3msTCpxcwIDYLD4zH_K_5Igc49SFWmnb7lBWrN6uhGqrGlUrsj2xQLH6bRjFIcFHs0kha4htbC_tZop3w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDQxMzMyMzE4MjE0MzY0Mw%3D%3D&google_push=AZmPxg8k1lEeatnsEjKmJ3msTCpxcwIDYLD4zH_K_5Igc49SFWmnb7lBWrN6uhGqrGlUrsj2xQLH6bRjFIcFHs0kha4htbC_tZop3w
Request Chain 206
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBJNA-3_-s1-zzUtGupbbLw&google_cver=1&google_push=AZmPxg9hlJY52xGWl_xlUG7tRkN3YbAhXDygVGMrG-x8YQH_akA0DARGhm1DusabFg3_vQiAEmbcY9G0gEmA0OWCjc4Ty6hhpxnTiQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBJNA-3_-s1-zzUtGupbbLw&google_cver=1&google_push=AZmPxg9hlJY52xGWl_xlUG7tRkN3YbAhXDygVGMrG-x8YQH_akA0DARGhm1DusabFg3_vQiAEmbcY9G0gEmA0OWCjc4Ty6hhpxnTiQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc5NDc2NDY2MjQ4MTY4MjQ4Ng&google_push=AZmPxg9hlJY52xGWl_xlUG7tRkN3YbAhXDygVGMrG-x8YQH_akA0DARGhm1DusabFg3_vQiAEmbcY9G0gEmA0OWCjc4Ty6hhpxnTiQ
Request Chain 207
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAxWRHfKMKemHvvJ6TfSwZk&google_cver=1&google_push=AZmPxg8_zi1vX94_ea8GCGyWEAVArexHNx9uzZXwUPWelAmwcWv7h0sgOMDB-weeedBQfWP9fdODGflTBjKXdnPGwMG2BbLQWbl9IA HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8_zi1vX94_ea8GCGyWEAVArexHNx9uzZXwUPWelAmwcWv7h0sgOMDB-weeedBQfWP9fdODGflTBjKXdnPGwMG2BbLQWbl9IA&google_gid=CAESEAxWRHfKMKemHvvJ6TfSwZk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY1NDgzOTQ4NDQ1NzUwNjc1MTg4Mw%3D%3D&google_push=AZmPxg8_zi1vX94_ea8GCGyWEAVArexHNx9uzZXwUPWelAmwcWv7h0sgOMDB-weeedBQfWP9fdODGflTBjKXdnPGwMG2BbLQWbl9IA
Request Chain 208
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN7pMzgL_ikk7HVEav53v1w&google_cver=1&google_push=AZmPxg8z4wx6CEHWPn6f8q-MtHPQJ6t-CaIzKGNyHAoSBOUhhJH0UJZbu_GScHrmaDSZs5lOWR8dbEes5P8kEwG14Qkaw8cr9s9Zcyw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8z4wx6CEHWPn6f8q-MtHPQJ6t-CaIzKGNyHAoSBOUhhJH0UJZbu_GScHrmaDSZs5lOWR8dbEes5P8kEwG14Qkaw8cr9s9Zcyw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 251
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ntn.ua&sn=ChromeSyncframe&so=0&topUrl=ntn.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=bwRPaXxTZmFON2twSTg5QlIxcEQwYjd1WnRRRmlubTltNmVEbUFGcStxbEFHaEdUNEhCbHBaeHVGaTZlQjNtNU1NUllrejYwaU5OajJGRVMvQXpiMk9GbFFoTk5sRXRaV2pFNHdMaEYwTmlDb3R2c2Eyb2NDQlhaSjc0VzQvVGZWOGhMQWRUd2luRUdOdU1zZ0dIdVhHUUc3WEYzSmplUXEzTGJ4NmdYcnVWU2h6MWhqZHU2YlUxVUlpZFJ0Q0VvK3JaWFhjUERVOUxSbFd6M0grcmRJSGt6aXVxcEhCTUJjVjk0UXl2NWU3TmlsZ2syZXpudnhxam1QaFY4eGZ1TGxvSFFnYi9JeVhoMkNWbE1WZk1tbG1ZaE9MUT09fA&cppv=2
Request Chain 253
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntn.ua%2F&domain=ntn.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pDhS_Xw4VzMraU1LeCt0VkFCNzN1NUt2NWU2NVE3MW9xNFVMbUh2R1UxaktPWnVEejBQRXk1bjgxNzNtdDQ0dC9xT0FLcTRjdFNEaGR2SkU5empMZzl2OFFxdDBTK1dXL1lmWG5KSFpKc2Y0TWE2cTFjUVRNN3poM3dJRzRjelBSd2lFOHAzWnpNM2dKdGVHT2dWakZ6b25MMEZyRUx4bWJ2RnVGOHVReVBZUHFocGdIUUo1cmhrQ0x3OS9hWmNSVjkvM1hUN2cwM2xUSU05WGx1c1V6TlBwWlAyVFRpaGdEK3NwTnFVWmRLWGV3WjVMVm1lZzlIMXI0RVVEUjE1WHJIUXdSdVRKYW1Hd0hNUmhJSHVqN2tDZnlYUT09fA&cppv=2
Request Chain 258
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=34576349-9505-4f00-bf16-ed56c61e0e72
Request Chain 259
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=zeMm0sLlItjW5CbdzOQ_3sy0c9PWtCSJyLEJV3-D
Request Chain 260
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6794764662481682486
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBuzAMyv1mTL3N37axUTIXk&google_cver=1
Request Chain 266
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-xgQPgDT9IZMTF4RaG3VjQ?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6421478311693402939
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOU_sv-RuailUF3n5GQK7F4&google_cver=1
Request Chain 269
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk4UUdKSU4tWi1GUFpR&gdpr=0
Request Chain 270
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aVIHGHEVR8eFGbSW6l3d-g&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aVIHGHEVR8eFGbSW6l3d-g&gdpr=0
Request Chain 271
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cUQY-akBRr-pZ6UnFkMnQw&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=cUQY-akBRr-pZ6UnFkMnQw&gdpr=0
Request Chain 272
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L98QGJIN-Z-FPZQ&gdpr=0
Request Chain 273
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTAxYTY3OWM5MDFhOTE5NjZmNTRjYWU4NDk5ZWZjYzNjODk4MjQzYg&gdpr=0

275 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ntn.ua/uk/ 		60 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f938f11e6a55c8b00af7b96e4e53327f66993145f6cd8b0d0a33ba4434cce584

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75a1dae20f5cb830-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 16:57:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnuETcm4JgU6IWgTXGD3fe4rlabdE2XTVAiORkYr7U1ksuZoi7R9G7liTnTGphWRkCgpotgh%2BjF6bassarDD49HtHFwXmZqRO%2BKit%2BWaFnUtxsNQpYXnL3RAtMIoOM2A1tIvGkY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ntn.css
ntn.ua/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/css/ntn.css?v=1.2.15
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
412cdf2044788ea49817775c0f2721e23a37d0d703099216f8ad48a7e73ccba4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 19 Apr 2019 11:56:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBOjHd%2Fe5ErbqUnGuvOmz1eBi3W45UznAGoOhR4beq8HEO0KQKN9OG8bmNzUBy63PFuI7rR5w%2BRPmiqEuJamkpE%2FCTFWuqAOpyjPa8f1R24Qx5Bzw3Zm6rtkeg0gW13seyfpCWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
75a1dae66d34b830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
flexslider.css
ntn.ua/js/flexslider/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/flexslider/flexslider.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd8692c0357cdc68904b23a95002546b05b80176508f5f0a6cd4258fce6617f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7f6ufe9McPwWY9Q3Av2yQWr6%2B16nBM6SijDPeuGaoXP3OYQdhqCGPTcsUcp9TB78Ow11dVsY5qVmZvZF81wzBN1oqYODt48UbMP%2FrhNX1J0Ke1BbKPNCp3HI7z8gss7yThqPIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
75a1dae66d39b830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
jquery.fancybox.css
ntn.ua/js/fancybox/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/fancybox/jquery.fancybox.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
208b56903dbc6fb3b430a26c64a0f86260c4c8bed20720312cc160c2536cc9a2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfFRSuH6PIcs9sKEh9jbsse%2BLzyKJ3Ii6jThSFfWyiR%2FwLut5NSmoSfJDfQquyRKbvPyJWAhifJtG4qOKtKr3tvHDnnk6FZ3PSFB12EoghVULKqqVhuGvqVEARIgvwUaUWf6MU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
75a1dae66d3bb830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
superfish.css
ntn.ua/css// 		1 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/css//superfish.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd794f1dfe14db0d7027596043d9987eb560aba7e210a59a6c24b3b27b029fa4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMOjuT8rYsby8zXifROMYYwOnR49P8jg0Ea4me7S9iWnGuLcML%2BT5FIcmmq1uHBJNd1OmYpN%2BaBQDHXNnHP4W9UVMndCymykyLv176rFuTtHAEfJqTby7HSMhE4dHM8G38AIt%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
75a1dae66d3eb830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
jquery-ui-1.10.4.custom.min.css
ntn.ua/js/jquery-ui/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jquery-ui/jquery-ui-1.10.4.custom.min.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
986416a58791f99bdde0b17c2b78dbdbf1f56de883b0ae0d5081fffedbccb38e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBzPFY7ip4C7%2F830wpsTt8PzBxxxV9okPTu5LpOA8n4jc7TDJJVvqz82kTB3IS8AMB2I8%2BFP5S1gH8xd8ygSKWD5fUwz8r19HW39oqKlQkd5VreOKR9TWFrYmfsxjeHQNrN6fxU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
75a1dae66d43b830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
jquery.min.js
ntn.ua/js/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jquery.min.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6pMV8Ng8Ugpk0FaKv31EeLWcnHLsviwvM1%2BmpOil2PxdocO%2BHdQYsNNAWEt%2B9D4Nrx7tnqhPA2LogIpom6cnifLE%2By%2F8gQhkeX8WO4BcbLqKeIFkvTPedy69TnIGY%2BbQIBEsx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
75a1dae66d45b830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
jquery-ui-1.10.4.custom.min.js
ntn.ua/js/jquery-ui/ 		109 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jquery-ui/jquery-ui-1.10.4.custom.min.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f0d78862e5bf61ae9af1709638702b0e0a078b4fd2cd4119927a1bd2a3f20f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjaHQyAo7PkhyVlxkNxgbtwvQANiuSLMNzmNg8doO1aNM7f1DL8mMmkpC9wOyFVNVIsm0i6YsJcrjzm77qKjsVVKyi%2FwynKZrqpb6DEjhXKFn9gCp5SaUeuxX31XAYUMw8gQvNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
75a1dae66d47b830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
respond.min.js
ntn.ua/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/respond.min.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XoVZhjjezKpPCuHToTISks9Dwd9F8W7S1JmlPCJEGkMPiqMFeZS1aGQ4kc4W9sse%2BZzH0zLwYODxousHaTpCBfo8W%2FWse3GvOBWc7N6GVD02VCCEIMfgFRPsqGQLnBm4U%2Fsr4zk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
75a1dae66d49b830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
swfobject.js
ntn.ua/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/swfobject.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W61vOwJiaOe4wNbHaEW1lZxTW9gKCol0ImzYzlU1M4b94cO6cMLhPdzRVT6K8L6W2suAK5H01HEtry8uIyXy5KuL0aEMoAeN1vxoE4E1P8aFYMPegE33wlewxpJNAeElTqHY8JI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
75a1dae66d4cb830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
jwplayer.js
ntn.ua/js/ 		137 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jwplayer.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0740b05ecb18441227c60d9bc57edb4c929db0e8c3cc2b5e9cc848139bb223e2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBQsh7sSpwjRwH9vuOagfAOB5s%2B2r89MSp2VUVLTSy6Qk0KUiIqJ8P%2B%2F7GkauFAYcvsCxWHpf2f0BhLPbywc2R8fdKdl%2BBro27%2FBAc%2BzFYKcmhMRM6J5R1B0H0%2Bm47wSkCf3mEo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
75a1dae66d4eb830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
main.js
ntn.ua/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/main.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d71acaeae9ad6820144dd16ceee3b5445bc20e70072ce10deeb9cc5781cf85c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rlbs%2Bd1y%2FRKqRdLEThVYYNyHHmSl9i05btuGoI5abruE7d5w0ZEiY5ATcMPqwZuZvZJyC2pXbaF8D3q5NMER%2BjCz1EpIg4ZgrHtsiYii7cI9MnZD%2BMoQ7xXolGrdwVrG2EpR7dw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
75a1dae68d6fb830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
jquery.flexslider-min.js
ntn.ua/js/flexslider/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/flexslider/jquery.flexslider-min.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lpwK3EDjCr%2FM8s9VwwjFxwz54cLZ1QxCK%2B27iBbFzo1iytKXDILCQ3RbW3cDgcz5Z1Ymu%2Fqe9oA8Emu5JqbS%2BD%2BKPEUbrixRP%2BjYHc5A5ICddmTq7AduYM53z3L9nv9%2FZAoGSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
75a1dae68d74b830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
jquery.fancybox.pack.js
ntn.ua/js/fancybox/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/fancybox/jquery.fancybox.pack.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=delB3Sc2KZbeQdgneqS3hm75BAWfdW47bBfE5JgA2ukaT3ceNj979dcbznVcg3c76npVrbqeD5T6j5U3b1bVEtBa2c%2BRKKJlz337o6dqcLyEeX0uI1EIvg1d16pis4hLUNX2Li0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
75a1dae68d75b830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
superfish.js
ntn.ua/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/superfish.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de374484df39f525b35a5a5bc8f64a8c00b3c6d2c95e353bbe077710adc49620

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlXvU0%2B5R6tGtuFe91mDeugyX7emYThb07r4X26r8jzcWg%2Fzh4wPwtvvfv4jnkUktaNoT8qjsiJVoNiyViudwtLmpIxXjvEoj5i3i6TexcBeCUR7W6fIicqCBhzKY1dnHpWcEsM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
75a1dae68d77b830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
jquery.easing-1.3.pack.js
ntn.ua/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jquery.easing-1.3.pack.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7f76fdc1930049302dff8d3cb5e6e0cbfcf8feb6d1b1a06ef16a7445b05111

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OonfMaGLpyX%2BnvcLLrTHXR645S7o70PsURW%2FapwC5s5D1p3KPCdRLuCmPN0sxVthHC%2BCGvecuGhfex3HFmWNhpV8dDl1dkomCOntQuZINH78LGkfOFGmXcswu6qTBg78rUvLjQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
75a1dae68d78b830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
jquery.mousewheel-3.0.6.pack.js
ntn.ua/js/ 		1 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jquery.mousewheel-3.0.6.pack.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lb5XMMnOT2ZeuyYxSGEL%2FhBDa0q%2F0%2BbddHn%2BbxuZWQDGiXFtRXAZ6ZqDa6JRymCj2aRmEKUFiQpQlVYyhXtaEroVvutWz4cMvmfdNIzNj24Pw8ODoUFeAt%2F1xzeWvyb7DqS8Tn4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
75a1dae68d7ab830-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
segments.js
d.adtelligent.com/ 		16 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adtelligent.com/segments.js?id=87
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5120::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 16:57:36 GMT
Server
Adtelligent
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=7200
Content-Length
16
vmap-js.js
unpkg.com/vmap@2.2.2/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/vmap@2.2.2/dist/vmap-js.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbe2679d44a1fc74827066d51144859932d36f0dcd9e4bbc8c6b72fe5ff3073
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
727377
last-modified
Fri, 21 Dec 2018 14:16:58 GMT
fly-request-id
01GEP16AAMCBH2R1N6409CVYBE-ams
server
cloudflare
etag
W/"d58-nCDrlApgb5bvdpj1ugv9uEgKSyk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75a1dae6cc22b794-AMS
player.core.js
player.adtelligent.com/static/ 		465 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/static/player.core.js?v=2550
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e9dd66b4edec6409af2070004b051321b8108390821cec813104035f2271353d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sun, 16 Oct 2022 16:57:37 GMT
date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 15:00:12 GMT
server
nginx
etag
W/"626bfd7c-745fa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
player.core.css
player.adtelligent.com/static/ 		155 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/static/player.core.css?v=6994
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
51235696640bceca0a05b98399d39e1d44c369dca5e7a295a07e2d7d9f031985

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sun, 16 Oct 2022 16:57:37 GMT
date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 15:00:11 GMT
server
nginx
etag
W/"626bfd7b-26cfa"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
MISS
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-157387674-2
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8653c5b5c85b1ca570a699c16b6769e59f506c039dadfe739a321face9560225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42489
x-xss-protection
0
last-modified
Fri, 14 Oct 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Oct 2022 16:57:37 GMT
atg
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/atg
  • https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1
20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
HTTP/1.1
Server
52.48.190.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-190-42.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
1e397c6cd24daa8a7e13da7070338bfdf7a121a1454b3964d49c13e398afeb8d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 16:57:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
20
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1
Date
Fri, 14 Oct 2022 16:57:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
new_logo.png
ntn.ua/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/new_logo.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
381366d818edd69e678d1d5c919d91774a00458f48e8c5f477d30727a52af8b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-1036"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rz3%2BVGWSTe81yDkDiTrYubvfrmfYMyyt6Cf0FPgEwP9oGm3SREElNvzh9cYnD5T%2F4JQfjr%2FceE2j95xOnbrGGTaAJ0mx5jMf3WYXNkPwfDl5e7U6C85uL%2BLMuXs7v5DopJxBtzU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bbd5b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4150
expires
Sat, 15 Oct 2022 16:58:41 GMT
nosignal_uk.gif
ntn.ua/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/nosignal_uk.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95dd6865cd73589629a72003cfc7a4f4b2af96b6e692a245369ced73ef487f83

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jan 2017 12:32:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"586e3cfb-5c48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDY4n4Xb07gYgoSW3QgBwfHnFF5hxFk2Wk8Ygw1m9RkmMjUeNzJgNTw39K65r3MoTTh8XhAvfN%2BjNIH7qu07cjcCtoMuqnriPlvJPn5rKXaIndubqRUNkyzpoaJceuZ%2FnsgdKnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bbd8b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23624
expires
Sat, 15 Oct 2022 16:58:41 GMT
announce_uk.gif
ntn.ua/images/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/announce_uk.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7ee99f99266cdf5847765b824e9703f6b64ca4ef02ba1810dd6f32b5d96e78

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 16 Jan 2020 10:52:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5e204052-2f699"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVIE6%2FUmHnS%2Fo4Ii6Xv4ZFX4FqmrMrSV6CV6a8N2Pzkt4t%2F6B%2BOITuFM9ytK7yE9%2BSayBtD9JuU3LriU3KlVVMn2j8oFVqMpgzWOlqeKz4tGoOqYwRfb66EBOX7juKBrhtC5TcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bbddb91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
194201
expires
Sat, 15 Oct 2022 16:58:41 GMT
625e2de2f055fb014d580e2eff6a4c49d960fdf1.jpg
ntn.ua/uploads/hot_announce/2022/02/15/ 		357 KB
358 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/hot_announce/2022/02/15/625e2de2f055fb014d580e2eff6a4c49d960fdf1.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b88414e57f13a0d5675804c8ce82e9ac4b1680358e123baff030c6f2da882f39

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
365823
last-modified
Tue, 15 Feb 2022 14:22:50 GMT
server
cloudflare
etag
"620bb73a-594ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6V05iayuyxisiZHvIUxhSLktEvpEJ1uGg0v476nnwGOZKzyBsQcy4FUU1y3teHKqPfpeNAR7an0XpXdgHk41HjyFfQN1aB1Wrrk8AavzsIwcBKkD%2FTkyvzVNe8LxdpQmfB5Iu0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbdeb91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
763fe6c775e3257bdb86affb334ec08e236c97cc.jpg
ntn.ua/uploads/hot_announce/2020/06/24/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/hot_announce/2020/06/24/763fe6c775e3257bdb86affb334ec08e236c97cc.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49329619a159bfb35202ea4ee9b2d10cf810983aff0a0e4d987f3ba5e1c1b659

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63676
last-modified
Wed, 24 Jun 2020 11:14:00 GMT
server
cloudflare
etag
"5ef33578-f8bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9JqHlYVKBRkTtnEny063c1xq4o4rbAYADuEc6evWA3WQyET13msX4Gt7SP%2Fk1gv86E%2B0XZvUv8CaaxhjrJAhVH6oFEiX4KK8xJfOT%2BxWtPORNrq4Ag%2Bz0QqZgn%2BAFQeW8NZS0c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbdfb91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
883c1aaa88950ab99adf5732c1d6274e9f153480.jpg
ntn.ua/uploads/hot_announce/2014/01/31/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/hot_announce/2014/01/31/883c1aaa88950ab99adf5732c1d6274e9f153480.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ef4c6ee8e9ba88ac805bb20fde15e424eb1b20ecd033bf5d81890038d22254

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68805
last-modified
Fri, 31 Jan 2014 17:18:19 GMT
server
cloudflare
etag
"52ebdadb-10cc5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xi8ZQyx0HOHM%2BSByYObrfBSx1TQusuqHfAPDwr9QQsNX5T1iTUMwpldEK5vbl3qkioY1d5mxY%2FqSaxR4AloqWqBtkwfiJVXV%2B3ydYAm82Ro7uV5iAnhdRrqAW18hxR81Fh531Xg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbe0b91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
74534aeabe264ccb10e9efc73b280e6a9b0088ea.jpg
ntn.ua/uploads/hot_announce/2018/02/22/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/hot_announce/2018/02/22/74534aeabe264ccb10e9efc73b280e6a9b0088ea.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42c988a2ec0f9174ce94ba23912884cc986743792df9dc9b22881d824aad9eca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77215
last-modified
Thu, 22 Feb 2018 11:49:31 GMT
server
cloudflare
etag
"5a8eae4b-12d9f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bI0Aj%2BhVrcM7CeSQcwN%2FpjMd9ZJE0RcpZmoeMBMGsaevzed5QjWAkggoIXwgy8RvKxJZRyRqlV5sceFH5cRA55dDgXMb%2F5mmIHK6IFzk3cwJ%2BKXV5v63dyivSDir25ZPCtIIKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbe2b91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
3d99e6dc71e5f1523518c8c10d992222e058a822.jpg
ntn.ua/uploads/news/2022/07/30/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/07/30/3d99e6dc71e5f1523518c8c10d992222e058a822.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc14852357bf40d65a11e8278a3a41fdba5a6bb5bab56ba3de7229d159243738

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
209907
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23024
last-modified
Sat, 30 Jul 2022 07:02:21 GMT
server
cloudflare
etag
"62e4d77d-59f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFO6t7e3KQFZFbcoSiVTw8Sj3y7yxWufg6aqk4jYNduV%2BV5z81GklQskw4LQ3wg7VTlrD3lC8mbitCgPT4qnDoszo24vbYyBb1LTmDT3rI9FT7BNb40t5QY1PhaUFCUTWcH%2F28I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbe3b91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
a0eb5590f42bde29a7981e455f8489c33f2c91ba.jpg
ntn.ua/uploads/news/2022/05/30/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/05/30/a0eb5590f42bde29a7981e455f8489c33f2c91ba.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47a846131784dcb7bc4fbecf19edbcbe21b84923063526307a16f082cf966e7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193036
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35684
last-modified
Mon, 30 May 2022 10:28:56 GMT
server
cloudflare
etag
"62949c68-8b64"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n55Rip%2FRqNRY4KO%2FwKXyCYIF5QdmC292cPcHb%2FOeWK%2BybMjXMbYRWEjYQQwrA%2BV6FgBsb0pu5tGq9NQEExsob5aHiuNvURtRWSXqQnn24CFmi2sEKn33Gf4Y%2BF%2FUpkbK0w8xFAc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbe4b91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
video_big.png
ntn.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/video_big.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5a348371f57afc03cb0fb301990daed6d812024631df2e6602f818193a074cb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-5a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7kw13oMS7bwQ4f1sdm8J%2BjhJgHulOyJx4GQuXbkG84HoEIlPuJ3HwhFoEKHbXW365JXSIH4HimgVci9UKtzDtzJjHxkQma2BOmyYinDfanqbXz4huQbthh38Y5JK0kJE9q6H%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bbe6b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1442
expires
Sat, 15 Oct 2022 16:58:41 GMT
f2d1ee7bd6bdbddf5cd76bd6e8403dea35045336.jpg
ntn.ua/uploads/news/2022/04/26/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/04/26/f2d1ee7bd6bdbddf5cd76bd6e8403dea35045336.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a63ae8451325ac53bd3ef756cbd88ed3a8148e3fb30d05938c99e222d3bb889

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33432
last-modified
Tue, 26 Apr 2022 11:11:54 GMT
server
cloudflare
etag
"6267d37a-8298"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2fQV%2FriXN%2FH4LCRR9z3Tv35IF34swOqjhNGls5AO6yFCvTYTE6%2Bz6BE%2Bek1vyl7VkjMyarROInvuelX3aY78V%2FLVD9BQkC5FScZM6ORYN%2BfSmkRSRb6uM48Ah22erCcCghP9HA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbe7b91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
f2672663a7923a6f72de910c1f53803b9045c99e.jpg
ntn.ua/uploads/news/2022/05/10/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/05/10/f2672663a7923a6f72de910c1f53803b9045c99e.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec9bbb71ee1b207d2f6bf43465b65cdd106320f89567b66abbf07f59a8ca0eb1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72236
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45000
last-modified
Tue, 10 May 2022 10:43:16 GMT
server
cloudflare
etag
"627a41c4-afc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xfgjTIR7BDv2JOxP4dn8WM1wTN7NCloSLwSfh8nCchJUBjeHM8FweflvoF5pRG%2BroA74qjDFfboEf7QvSVsSwXiz6Y%2Fdw%2Fo%2BQwu3U7hYD0zjwHzERQJW9f7uP46CnQNpXBhliU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbe8b91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
25d5a7992ea9832e7670b5e437756d39d5132793.jpg
ntn.ua/uploads/news/2022/02/24/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/25d5a7992ea9832e7670b5e437756d39d5132793.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03002f285167bb5b5904202b949a6c51680fa72b72e9ebf1de3c203a99d1b4bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193036
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9098
last-modified
Wed, 23 Feb 2022 22:20:10 GMT
server
cloudflare
etag
"6216b31a-238a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUprmpLR03qUiiTLZaJHAyaH3iGld8ccmOroVAHEutXCBrEvMSFbS8yDzetO5HjPxMJQ555B6vNQ6MP65hvVpRrkUWMTty4A1NyoUmWEUtnGSNiCA3%2B%2FiEGxldJGxZ8UKFg40%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbe9b91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
video_ico.png
ntn.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/video_ico.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ba7fc1dbf2b813f54a1607b24d3787085661ee777eb9ed66197e2673607347e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-478"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCahnCbUENF3DRKNkeArDDOssq%2BorBvH3yckIyz7nGRfATUqI4oFfqIbRSsZRrZjdjTvpbI0u1QIamN2xfesrcvgvpu80lRtHndM6a9VNj2SktOiRO3ETWSektr7AqhmH6l66kE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bbeab91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1144
expires
Sat, 15 Oct 2022 16:58:41 GMT
de785050f23f36c989d3e1cd365ef9fcd8e0b249.jpg
ntn.ua/uploads/news/2022/02/24/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/de785050f23f36c989d3e1cd365ef9fcd8e0b249.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afaac8f389e0f0347225f6c0225ee1639ea8adc0439a35135056d6fa2a0ee1b2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193036
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9858
last-modified
Wed, 23 Feb 2022 22:17:35 GMT
server
cloudflare
etag
"6216b27f-2682"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbZ2XPdNXnzgEjqFTfCxCh7v96xdPDtJ%2BkhB9uDHDh%2F7IE8xGyp444aTK3kHgqnKLI4BrtLvl0vigZLKWwiU73Tk8X5b6UO8WWUZ%2Bpj2qgBF%2BMtQnH2IyLBh6EWaCoBRexDnaXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbedb91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
666c5250a9685430aa994abee07d40fd894d0196.jpg
ntn.ua/uploads/news/2022/02/24/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/666c5250a9685430aa994abee07d40fd894d0196.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea880f80a81e709d0deb3a1a8199827cb6cdb365782cdbd7a5aab215da5e413f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193036
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7538
last-modified
Wed, 23 Feb 2022 22:15:13 GMT
server
cloudflare
etag
"6216b1f1-1d72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHsXPF9C1ZLY5VMI%2Bk9KITaPo21nOdIiUD4m9qWgwVvSWsGBi3auGECXmHl8Lthnavo7wOBY72jFGUDvnSNrOuyBGKa7XdoedkuY9hQJRoDr%2FapfnZ3e3FSdP67FkbtQGNNyJK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbeeb91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
2cd7dfc8f117b2f57008c17e9909f932321baa43.jpg
ntn.ua/uploads/news/2022/02/24/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/2cd7dfc8f117b2f57008c17e9909f932321baa43.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8d9f66bb6444b64ebdd9c4441c267417d2be60bc7a74806d7c3746cf6109df

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193036
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7285
last-modified
Wed, 23 Feb 2022 22:12:27 GMT
server
cloudflare
etag
"6216b14b-1c75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=393oDJuW2MI%2FzuLRZNe63SUL1rwl1hF7I9IsW%2FBIGSiLuMN40M5UQ8ny6qG7LaivE88SYjkVsYNxh713wMii1fIqTtk2OHozC6rTw%2BXAlP9E%2FEXjxKZsxlVhk%2BoHfT08BF9WV5U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbefb91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
77222b6bbf0e407c9ab55ae518249acae7533786.jpg
ntn.ua/uploads/news/2022/02/24/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/77222b6bbf0e407c9ab55ae518249acae7533786.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3834ae4e6f5e939900a4d4740c747805c4b0a0b3de2a11bf9eed90966c6e316c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8132
last-modified
Wed, 23 Feb 2022 22:10:08 GMT
server
cloudflare
etag
"6216b0c0-1fc4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrHaBeHTuzN8G8G4zyf4JICeRXbzMSuNvlH7XQNTWcvM48O7htc4PnQctogxqetKTDguMfheWQ2pJdVeIzqXPA3yE2lDCdizG6wvnAYYRC674dAFuALCgV46TG9ny3HMadZNW3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbf5b91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
e2a7801cdc45288f9f6099092cd894d2797fcb5d.jpg
ntn.ua/uploads/news/2022/02/24/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/e2a7801cdc45288f9f6099092cd894d2797fcb5d.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4af3262c604d9ca5d1e61f23af267420db3393d18c9a3dcd604548054cbcf7a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8412
last-modified
Wed, 23 Feb 2022 22:07:34 GMT
server
cloudflare
etag
"6216b026-20dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3IK3fk3Wje6v8jNuUYz9M4IKqVpPytR0XpwXUhfAb1uc0OvpQpMHI73fvOd39wfTy8YgGPH8JVgb3jOq0VpPdAvUBBd3gjo%2FQjzKb%2BPRl9Z4ZZzD3%2FEi0NQaFkvyz8vdYV5NpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbf6b91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
001a3c147f2eebd6850a84ead24f4ba9798e300c.jpg
ntn.ua/uploads/news/2022/02/24/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/001a3c147f2eebd6850a84ead24f4ba9798e300c.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a6e289ea981b353e88457da65f62626da3a70a2e7e2ddbdcc542a8da491c76

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72235
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9019
last-modified
Wed, 23 Feb 2022 22:04:45 GMT
server
cloudflare
etag
"6216af7d-233b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OL9jTsNS%2FhCG6y%2Fh%2BnDmwml5Cp0MWxVXuut29yv1kH8iIqi05q3MWC81hhTTX0UjjG3dDWDBoZGqz0Epb1NQyMppg1zKFDm2fHY6YtPXbEf0AVhWCu8SWokFu1gOIyBEKbPbQiw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75a1dae9bbf7b91e-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
ua
inter.ua/
Redirect Chain
  • https://inter.ua/uk/announce/channel/3
  • https://inter.ua/ua
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://inter.ua/ua
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Server
2606:4700:3038::6815:e9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4pHnMESuACCC0njjg3Hc0fDIIMnFsbbG3Mll4Lp%2Fc9YzVc0NOSwZcS%2BDIbJUEJ6%2BCK%2FPnpcllROAlWvLqhMPmZ0GOx0mnTTVPaVUpuTGfnMq%2FUoFEM9xjYLRpsrm1GVCxsDhC0FiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://inter.ua/ua
access-control-allow-origin
*
cf-ray
75a1dae93f58b740-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
inter.png
ntn.ua/images/partners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/inter.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0326a9b3b7474d52cb6d04bbe07fc6609e991addcf5cc83696e319d67f172c34

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-678"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QzfdHYnaoS%2FuYXRc%2BmFzDX0bufYWuzpR2mvPZiU3GfalvAc7D2BYi27hubfgOcQfR4XX%2FrdUbCq3h4BAWlBp9RidtEE0LokITmw3aqjhEPBbU%2BafF2TuoCCvqVPSKgI5n4cXLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bbf9b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1656
expires
Sat, 15 Oct 2022 16:58:41 GMT
k1.png
ntn.ua/images/partners/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/k1.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da84bce8a2f715182ab131bd1367073145e6807204f213d30048cb20cf6f90de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Wed, 27 Aug 2014 14:55:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53fdf15d-e8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8gHvETtATxZlzI795y6%2BMjx0R6WT5ebYq%2BPNPl0FcQxSelHYMpWMHbQ%2BatiH%2BZ9EjKBQ6KQanOoznpmvV2bO7F9PWBK1CCBgZpfJtngLHmowdXbCMa4FvScZQgk09luiJv9S5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bbfbb91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3722
expires
Sat, 15 Oct 2022 16:58:41 GMT
mega.png
ntn.ua/images/partners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/mega.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e52f40b619e103483256eb589f4f98b4caa8e189e8c57dec9a91fd1a1a5315

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-62d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3NzBqU0FNdM9k1dc5y13O9QGbmuieglavhOc0n%2F1FGsexRn10hzg%2FJxtx7sP%2BJrkMYlR5xkgKesKqsSvv8OLmFTvBdoNRFSn0hVC5%2FN%2BB99WqJdaXkrxc6uP0WudCz%2BEI3oq4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bbfcb91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1581
expires
Sat, 15 Oct 2022 16:58:41 GMT
zoom.png
ntn.ua/images/partners/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/zoom.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c59d202cf8baa1dd433ecd9e8d4700103b2b811d08609da1f9d4c57712d7adf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Mon, 19 Jan 2015 15:10:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"54bd1e55-e26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFqdqPusd0IABQbjeB3FUHigY%2Fyc2fRM6Y683nZV0BefMnla%2B6jZ2%2BvoMUq1TAb1CF8doJhnlXUZsc79ChTtF6H4csYcI0Cuj2FKhCddRT%2BAxDCn7X4wuhgFGuhmFQYqOeRAKJM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bbfdb91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3622
expires
Sat, 15 Oct 2022 16:58:41 GMT
podrobnosti.png
ntn.ua/images/partners/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/podrobnosti.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c20df02077c26385577801eb8897f405a95c63d0c26ee24ac3b4e2043f302d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-1380"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxhHou16Wv%2BTrCsytQvp955sj3V581gvfZIFy2OqBKythZmPZTlkokyOjt9ZMdLgzQ0ZHmmG36dUxuDXkahNk32duQoA1AIjCFE9N7EZKIu6t1YpaFeI8GcLQ3aqBFM2QAuLf9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc00b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4992
expires
Sat, 15 Oct 2022 16:58:41 GMT
music.png
ntn.ua/images/partners/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/music.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c6f48908ed95c62c11af1eba731178c21d24425b680774370a153bb272edd9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-80e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2nefJdj4WbEpIL0JyHCr7%2FNkrtLCpmSLRY2Pq3L4OoyJb9zzVNupEOaI%2FFc4ElUBNv1LTjekAJgczmMAv9YHK8%2B4K%2FDlli3DF%2Bdr8A75xD8DuilUODxOK63tTE%2BnU25DiYIYzs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc01b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2062
expires
Sat, 15 Oct 2022 16:58:41 GMT
enterfilm.png
ntn.ua/images/partners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/enterfilm.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb603e9d8681e4056af140a5d281a3e1da054fe3aabe9949932f8a80456c7fd8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-7ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNplDhhu299PpTkIakdSCCR7LpEtR6d%2FWbf%2FInBZQi%2B32UUl2rq1KGzYZcC6n%2BiAU8EiVNqfKcswHEP%2FibMTobaWF5HLROqjx8PyuSv%2F1p5pqOkkMQzqUVSQudV26wps0BILRAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc02b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2026
expires
Sat, 15 Oct 2022 16:58:41 GMT
k2.png
ntn.ua/images/partners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/k2.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6bfea0bfaf58f5379f225a0dd59050f89614fd56b9a2afc495503eaac76caea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-7f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jrscJ9e9RuZv4JX8xQDim7b%2FGB1J7QB%2B%2Bmx3QWd4Ts4jyI59f7BRyum4IRxOlWLXHwWugUT6xBWTGLW5NTo%2F2BI5x3wbPAhmxWUFyCVZqTc8HZWfO5K6wvRenTcKmigTpPatp8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc05b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2034
expires
Sat, 15 Oct 2022 16:58:41 GMT
inter_plus.png
ntn.ua/images/partners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/inter_plus.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca2074fdeec9bd4b9909e99b1c85aadbe318a83e62d99ae8a10a1d3e5aa79c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-71b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTqO2L%2FBA9QGWsT8TwkLDvSC4H2sd791Qi%2FK31luVfAd3h920vf08Wdx4UV9Qc0UPPj6tkhlM0hSKCs2XlNzunnWMnnd1BsKp%2BL4SiMxWLeNpxasoUvXwj48p9zpzVwp4yhRXg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc06b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1819
expires
Sat, 15 Oct 2022 16:58:41 GMT
pixel.png
ntn.ua/images/partners/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/pixel.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7664c1ba21942bd39804692046f89a591d6ff83a1b7cc29239a0d7bb5c91953f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-e97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVT7GCzUGySuQF0ie%2BDG%2FvV3GxwOJvF431ywHcZkKycgvyprEmK6Tvlf0O1odlN%2F2%2FbdPxo7%2FGeFYQA%2FIyr2uh0tQeIdle58udRh%2BlvFUkFFxhEv%2BQNoBGwhabL3UaNvYQCbCj4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc07b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3735
expires
Sat, 15 Oct 2022 16:58:41 GMT
intertext.png
ntn.ua/images/partners/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/intertext.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3abe1d50aafde6d03b75351af751ef980dd9d02e1318dd18a62dcf918cea661f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-976"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWTdoeAUUDLCBvS8gEjOB3%2BBi%2FCq4ieBwdNE4YlXzW8R%2Fzh2pkm9egCGJ%2FZET1b%2FpeLgMWA2PP6nurqEKRL5vWdIi6VmRWGl5TuDPYNyk4QpkVF0TC6%2F1PCDqhEeLhpqM7rJTLI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc09b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2422
expires
Sat, 15 Oct 2022 16:58:41 GMT
print.css
ntn.ua/css/ 		0
501 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/css/print.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:52:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0b-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bSnSSJMrwvcn90QcNCu%2BX%2FMpfgVotJDDyFaAz8L2qo8BQDzROaZoDrdFGmpfVBnrZ3M%2FgY7J3Z%2FrjpdzztjlGds8UsJ1LlkRhwr6F1tGv%2BqQvEI4qCd7Z48cC5Cjv6lzLrYSbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc0bb91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sat, 15 Oct 2022 16:58:41 GMT
reset.css
ntn.ua/css/ 		843 B
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/css/reset.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5894efec8f9ae727dc14f30e4ef20c9faf9ea2c86f570a287b061e6b1dd25fde

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"53904c0c-34b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFThoLNOC6ShMCwncScFO8LUCCpPoV20G%2BJPZcfowxtl%2FULjDSoKIVTWk9IAMA5CaWarCKyCIIzR0rwblSNfD3r8weuWcQPYaspNE2V046IetX7SjaEYqlV2TwGrGOwADiy5xos%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
75a1dae7f80ab91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 16:58:40 GMT
xgemius.js
gaua.hit.gemius.pl/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
gzip
last-modified
Fri, 30 Sep 2022 13:21:50 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
15975
expires
Sat, 15 Oct 2022 04:57:37 GMT
player.core.css
player.adtelligent.com/static/ 		155 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/static/player.core.css?v=2550
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/static/player.core.js?v=2550
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
51235696640bceca0a05b98399d39e1d44c369dca5e7a295a07e2d7d9f031985

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sun, 16 Oct 2022 16:57:37 GMT
date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 15:00:11 GMT
server
nginx
etag
W/"626bfd7b-26cfa"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
MISS
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/static/player.core.js?v=2550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 16:36:55 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1242
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 14 Oct 2022 18:36:55 GMT
hb_285194_899.js
player.adtelligent.com/prebidlink/462712/ 		284 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a30456069803e789b02e498f563998088b85bf1f3eeac4383c1925c790b150c5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sun, 16 Oct 2022 16:57:37 GMT
date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
gzip
last-modified
Fri, 09 Sep 2022 11:19:29 GMT
server
nginx
etag
W/"631b2141-4704c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
513761a4f18fc171f5faac77f9588111e06b4c1bb755a19f8214abeed6ba0973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27689
x-xss-protection
0
server
sffe
etag
"1363 / 259 of 1000 / last-modified: 1665745594"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Oct 2022 16:57:37 GMT
wrapper_hb_285194_899.js
player.adtelligent.com/prebidlink/462712/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/462712/wrapper_hb_285194_899.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
56202b9da90fc673469eca5fb60bdd13956a769cb1548aa78e3962c419c7840e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sun, 16 Oct 2022 16:57:37 GMT
date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 21:46:29 GMT
server
nginx
etag
W/"6345e435-6c2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gtm.js
www.googletagmanager.com/ 		115 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTN3THZ
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
457ff2539b88209b8375002f8cbf478a5adcd6cc33a3fa8109474d4300090eed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44279
x-xss-protection
0
last-modified
Fri, 14 Oct 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Oct 2022 16:57:37 GMT
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Oct 2022 16:57:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26852
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
uOE5S1oQbo4ktjqyu841jLLgNx14zeLIkVBVpaxood1ieBq2Oc3xSZB2v15uwWe3lyb9l2hDa65WDHI8vxAsvQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
bk-coretag.js
tags.bkrtx.com/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.135.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-135-39.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Fri, 14 Oct 2022 16:57:37 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Fri, 21 Oct 2022 16:57:37 GMT
ico.png
ntn.ua/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/ico.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7b57e53fee02c97a15aa8ff8be4ed26df2dd422d76b4f70f9866f4efa4ea24

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-b13"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAfj9b44iJ8F%2FFr8tGIvfuAw%2BQDHMExUf9%2BwaFT8jvgdksK5gPxN6JsIXWQNi0kCvuTFBA6iPv6IsJ%2FLK4qZjj4CMGpaEugraT7rX2X5eaQzEjI2BACdI%2FLPQGG5qiAVbUx5aoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc0db91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2835
expires
Sat, 15 Oct 2022 16:58:41 GMT
ru_lang.gif
ntn.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/ru_lang.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee553c847b17af2ffc8d1ae1dc81c1fa6c8356246c31bd80e0a470097ec4430e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-470"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky1xODW8XlojiUIrj17jzU0sMEGR7%2BhTlT4ggWVzlp44%2B7gNJXFKqqbzgGANBnMPLB7wTZL3RWR4rlzW6X%2BlhmNgAjm4L1i02F6mTGx8%2FVqhOU5o%2FkuHkCinWORD%2FQ1qd35W4So%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc0eb91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1136
expires
Sat, 15 Oct 2022 16:58:41 GMT
header_bg.jpg
ntn.ua/images/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/header_bg.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c4b081ef70f3eb0a934344392df220f0439f91a9b5e8aea93c71dec0beb416

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-1ca0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0eSdW8i5HZkya%2FpyT0USSomsqDFnPlvlvLuNauApFYO%2FjMSS5eJOTQO4bLueb24yoWYbXMinOItbpQMVSdkv8MsI1Fg%2BldZMMLsB%2BVScEyy3xsyoDtdbRhRJYQSLI%2FTk8jKhdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc0fb91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
117262
expires
Sat, 15 Oct 2022 16:58:41 GMT
src_ico.gif
ntn.ua/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/src_ico.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ecd508aad794a6ed4455e1d7c45f43521926fb86909a8cf41d92441e11b8191

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-6ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsN0fs310IQDzo4%2FlBZ%2B%2FYpoS0l3LqILRlvtCThYBMMhbOg%2FNHQEILGrbJsTKajlRutl%2Fkc3G0B4V8y6ARlE2knezRfxX36kv0Fv8ynyjqnNVsUNbcwR5v07OIxqjKhjf4ryCtE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc10b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1770
expires
Sat, 15 Oct 2022 16:58:41 GMT
menu_bg.gif
ntn.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/menu_bg.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe40cfa31540c665cfcef441f51c5456d1ce107208ab6a43e1e5eed00e8359e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-47c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMNlesLygQPL5kFvp9D64botjgUuXNqTGnWjkGYyp2d2HB5%2BZ%2FhhbaULpYktCnqU8XsuHrBLCamr4KUOyWIBVpqdrE1FVMMElCxI%2FQ2LmVw5rbLsEgk3sGpusbG%2F3R9O3AIlpzc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9bc13b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1148
expires
Sat, 15 Oct 2022 16:58:41 GMT
likebox.php
www.facebook.com/plugins/ Frame 08D3 		98 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb9bb1bfa239809a15dbdfe332d3d97459e0b5f0d5b705b95b09ea0f1bc1c9f2
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 14 Oct 2022 16:57:37 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
IE4/ZQSfgiFMEptWK6pfod/yozfvy1rw0LfH1AfXz3uJhOlTrAOOEWFwAOHfAVoZrSfTEINjCSBFnBkazVCh1Q==
x-fb-rlafr
0
x-xss-protection
0
mega_bg.jpg
ntn.ua/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/mega_bg.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6400b298d51a07b76ae017a62d74af08fd20e249b564f7503712362f2c6710ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-659"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ft7JOOKrjwF0qVfl8pR3SUsHNylXFrzQPLcLUnMZLlNzb%2BfZR%2FHqN40oGEAm%2BvXLOmFVv6vdeY6fVWG21lOYUA2ZpHArcDiYPzfAGXeC8Jvyt5VuOY3cHl5lmcXl3zImSKGX9rY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9dc2cb91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1625
expires
Sat, 15 Oct 2022 16:58:41 GMT
mega_left.gif
ntn.ua/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/mega_left.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d856847402c3364ef3f2a44db48934f52cb1124cdf804f810512a5300bd2824

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-e65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BMvnPabgWQFuEGDbtWAGGRL1gqqznbusFfvsM%2B3upfWP62nuDcyqgeh58rt68T5E78n3gWyNK64LPRYd20rjWcK0Yp2wGI78HjMbO11U2Njqw%2FFmKEaF8YciEM%2B6%2F1psZBuIxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9dc2fb91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3685
expires
Sat, 15 Oct 2022 16:58:41 GMT
mega_line.jpg
ntn.ua/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/mega_line.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d40bed0a850cc62b9bee0b3f5b56b375369fd77be705d8b7aaea4c52861b1d6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-91a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSXLyJEPC47nA6cHVwEhR5LfCkgBzsUMvP9jjDMsWgnXkFgHJFOkQqQXNYh8GGRyRvQIPRbvj9ymBn%2B93aD45gNLV89Ts0lYOde2uS1%2F4Mji9YdMLcI5ZuY%2BII%2FtJX4NgxyVUaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9dc30b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
expires
Sat, 15 Oct 2022 16:58:41 GMT
mega_right.gif
ntn.ua/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/mega_right.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f93ecb194463551254b9939551d09fc56bc0e6b76c31194b122c5cc0f22545

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-e5f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjH588dZEDYPOFrPripdGIBcyy8RMH7uXh4Gn%2FX09tS%2FgmKNDZWonYV2iJU8MorDOhDc%2BiqipURz%2FNSW3C2Dx8Rt5z9HQ8KjVmgHRInZ674rdC1CW0%2BJerM3FJlz25HQvU4L%2FTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9dc31b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3679
expires
Sat, 15 Oct 2022 16:58:41 GMT
report_button.gif
ntn.ua/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/report_button.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561a4d0814fb3525fcd7a0662570193fefce4a028256cb773e490c4b06f0e2d5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-ab1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3sjnX0%2BYjwz3tACl1x0jhPrGxddeDNjR0rExQXPOgaIJVt5RZvewzlWlFG%2B%2B%2Bch6hHFTddnLPZOr%2BNihbNXz4YDCjmKfE5ykeC7E9ie4WFE66IcnmEPmNgilCUHMsip5wuCe%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9dc34b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2737
expires
Sat, 15 Oct 2022 16:58:41 GMT
channel_anons_bg.jpg
ntn.ua/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/channel_anons_bg.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2343c85bc2821e75541c4d4d0dcb510c267ebc96baf367af57309de6baae8a5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-ebf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzI5PMjD%2BYJupvWKNCXw%2BlfPlDFR9SaFcdZDkxR%2B7JySv7j0IJ7oxquRhA5Of2n7CzASlnX9q1wIzFGBB6K9R53DjhdKE%2F3DXHzWsJEWaCHEXUBcS9%2FQoebuIp08PpjY7Vm%2BvaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1dae9ec54b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3775
expires
Sat, 15 Oct 2022 16:58:41 GMT
hbw_master_285194_899.js
player.adtelligent.com/prebidlink/19279/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19279/hbw_master_285194_899.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/wrapper_hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
3d9cff4c8d0927aa9d57a767a0efea7094bdbb6a6eb55219b89114d5c0b304f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sun, 16 Oct 2022 16:57:37 GMT
date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 21:46:29 GMT
server
nginx
etag
W/"6345e435-18b8f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/ 		154 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19279/hbw_master_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
43bd8a3e10e8f2e3cd87d9eb17c57b835bda7aa6a49a367577aaa9bea014d6f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 16:57:37 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
154
tracking
ghb.adtelligent.com/adunit/ 		43 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=285194&site_id=899&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fntn.ua%2Fuk%2F&adid=8qgj10.08&features=81952&vpbv=N091&lifecycle_tte=1381
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19279/hbw_master_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 16:57:37 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
03.png
i.bigmir.net/cnt/
Redirect Chain
  • https://c.bigmir.net/?v88708&s89294&t3&c1&n507424&w0&y0&d24&r1600
  • https://i.bigmir.net/cnt/03.png
723 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/03.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
last-modified
Sun, 02 Oct 2005 23:04:59 GMT
server
nginx
etag
"4340679b-2d3"
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
content-length
723
expires
Mon, 17 Oct 2022 16:57:38 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:37 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/03.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
cm.js
source.mmi.bemobile.ua/cm/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://source.mmi.bemobile.ua/cm/cm.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:53:34 GMT
server
nginx/1.13.0
etag
W/"5dc27bfe-d0f6"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:53:34 GMT
pic.gif
juke.mmi.bemobile.ua/bug/ 		56 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juke.mmi.bemobile.ua/bug/pic.gif?siteid=ntn.ua&j=1&nocache=0.557283289254634
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
-1
footer_bg.jpg
ntn.ua/images/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/footer_bg.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47057a03aed7a53b879618baa1fe40c2cf470e8c6fe84737163ca94c340f9d81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-68e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKfqjtS%2FKJWG7Y6Q6ddDqTB%2Fb7LWTWFZBj%2B6lDnI2XKEJ6hrBuIMQLdBbLjn7zI47wHcdkHQOAhlcpHEGUuLo8TrfzzNw5ryoNz8%2FJmFE7GQ2pHuYSS9MSsclYHBHhs%2BZcyFgfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1daea7d78b91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26850
expires
Sat, 15 Oct 2022 16:58:41 GMT
293798261393374
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/293798261393374?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d9e2f01c9d2cff4dbc32d2d614259b4c9ac8d47aceb94c67b5b1b11bf4730c4d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Oct 2022 16:57:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Zt0Pn+Tft6COi7E08NV3Y3nRqVFMI+2kUwa3vzxoG/RVQhHU8mYWbWXnSElETBTwN0QpXcMHbjUFj/jSJzgvDA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
79386
stags.bluekai.com/site/ Frame D93F 		71 B
256 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/79386?ret=html&phint=__bk_t%3D%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fntn.ua%2Fuk%2F&phint=__bk_v%3D3.1.10&limit=1&r=62387479
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

bk-server
e1a8
content-length
71
content-type
text/html
date
Fri, 14 Oct 2022 16:57:38 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
x-n
S
pubads_impl_2022101301.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:16:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131264
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 15:30:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 13 Oct 2023 18:16:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		102 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ntn.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91ea59ec85aa329d6c9935ce6ebc74c6e37add1ab0b6111212410f7230ae701a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0
expires
Fri, 14 Oct 2022 16:57:37 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=363534785&t=pageview&_s=1&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAACAAI~&jid=76599520&gjid=1048540254&cid=167208625.1665766658&tid=UA-157387674-2&_gid=2090040133.1665766658&_r=1&gtm=2ouaa0&z=599103397
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Jhpam8SKQ3I.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ Frame 08D3 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/Jhpam8SKQ3I.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e6ac1f56910010e5a93a3093e7847ad5ea43ba9e8bb8ff568b957eff0a2f58da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jGZ6W9LX7Pa2QkA52B4BYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4747
x-fb-rlafr
0
x-fb-debug
CrPJt8VDWaHIZhxIsSr8zbJuhgDLA1F4JCnC+8QiPSD4dOvwXQQs7oaM1CP0OPXMJeSHFOW70sx9inlhtWI0bA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 13 Oct 2023 17:31:52 GMT
5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame 08D3 		2 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qp62alFG777So/ro/wbkaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
829
x-fb-rlafr
0
x-fb-debug
9L4diUTqS2pWh/qF+hHW1Nhmcm7VdxlOID58361pyrsAh8T+AurJVzxigcSZ5KcNhJI2SyBH8lGq4awqeapQbA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Oct 2023 08:13:32 GMT
uNC9cVrg9ND.css
static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/ Frame 08D3 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/uNC9cVrg9ND.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2944c3024e13444318267d493ee7dba4e4679744a51116229953c4d7c3866a43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kob/OCQxBBBRBwPxc4gbHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
6454
x-fb-rlafr
0
x-fb-debug
ZXHNTyTzEMW5PGDL4ej/B9ojh+ZGUJwXxNRRa6z+fpTVRwW3S62jqVoRq/PnnyvhuO4alsrnP2XlbqG6wBRr4g==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 05 Oct 2023 04:16:48 GMT
2qJRjrlwTog.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ Frame 08D3 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/2qJRjrlwTog.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaca0fb0be4c00a5add8575e92bddc641057ee578b8c75641cf8c36018543142
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lGfaiydoxOwSQubOhXstPA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4581
x-fb-rlafr
0
x-fb-debug
oFwvG/jdmn32HhyDrvro465ZPLT1gURSlI3E1NjOqILCnpTJDemXMRzWiTxCXOqjv+wyXru6urflewIxiEZTPg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 13 Oct 2023 13:53:57 GMT
V_wJ8EQu-vo.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 08D3 		323 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/V_wJ8EQu-vo.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8c52f64b8538b61eb70de24754c61aed4119abcde29a8aedeebfa0a32c264138
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0nwiIUzgQWDEVCDX5kGDLw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88941
x-fb-rlafr
0
x-fb-debug
6YQvDX56mZR/361w+XOcsTkwoaa7sWRHEwgjJkwk27b7iJN8jnOWS5ak1lswHR5aQW3qKU2zScDfryONZ6r9JA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 12 Oct 2023 08:21:48 GMT
FGasx_8C7gf.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 08D3 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/FGasx_8C7gf.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
41b2c8c215be5020e756d8dde6c738ba98ca3a167266a4f708fbb02299771d69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TPH8wCpe+btQJshugd6Gtw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12272
x-fb-rlafr
0
x-fb-debug
6lw7OPZKbh3RsHlQUi6jlkSH6oD64JNSeskjhYAkaV5+AHuHbEstE8MIQ/zC28RnRkTGlz8xGt+GporFNQyxDA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 04 Oct 2023 07:26:41 GMT
5I68SGTEBGz.js
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ Frame 08D3 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/5I68SGTEBGz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a5fc80af241aec02acf796b66c39027b469e8b54fd30519bb773908d3cd1f600
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QjaAwCelpsv7iT4ru+X7MA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
16192
x-fb-rlafr
0
x-fb-debug
0lr1SS1Ml4SH+GIShqnlKkCi9GH/4pNkg/jmJcCxRd9WcQdOBy3nmb1ejYPuYPxes2vIhgtBAFc+ulclMvKc3g==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 14 Oct 2023 04:48:11 GMT
I52F_owkvX4.js
static.xx.fbcdn.net/rsrc.php/v3i2tE4/yW/l/nl_NL/ Frame 08D3 		83 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i2tE4/yW/l/nl_NL/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2e3b0f142a30ab19960dca2f3dc2d4bc1057d12868f092f859930c7fe665a2c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
u7JWG0vWyxnjHOsiBDskNA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
23318
x-fb-rlafr
0
x-fb-debug
aKtZH9qcJZX0b5d5wfXDUy6pLmRrc3RR40iJCIrAgdHGcjzYfxLy7Z9duLh7Ol2e/cnUxG2/XPO8JbiVbJmYlw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 13 Oct 2023 17:42:13 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 08D3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FvCDsjtWXbnS8g0a11kzwQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1657
x-fb-rlafr
0
x-fb-debug
z+ZDssZG7soE019QWr7Uq3aYNyWjyRS7zh3FErw7V3X9SHE1S1OO6D5YHm5XngOCo5mgWudA6XX7KSGVZs8ehg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 05 Oct 2023 06:43:23 GMT
hPZIPTPHqCo.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame 08D3 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/hPZIPTPHqCo.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b34e990bcdb512549b66a8703674635168434d960dd725e90285889f1336759e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
BWIH4To21LUz9RX2gJ76+A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7126
x-fb-rlafr
0
x-fb-debug
+pQFVTEfX7yDgG+iuhrNkaioDVmxuckREVMwP/dAvvKk1UoPPcLQePR7CegMc8ZokjfRT0j0gqxU1JUewM+7cg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 13 Oct 2023 17:32:00 GMT
iKOdrVwIJO6.js
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 08D3 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/iKOdrVwIJO6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d295ad9799d17401cc653b47a5c27bd046fe89512861221f1bc6b6738d31a060
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ACqcir3ClHkUNdXTCpvPCg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8427
x-fb-rlafr
0
x-fb-debug
5AR+rvT5aalLxSTTCo12SxS0h1CTln1E+VuES1u74hZpO9lk+qcT6oohxBlGWoBUZ4KSzdx8ZqBQwcleBme3+w==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 13 Oct 2023 17:32:00 GMT
dmtE6195c4_.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 08D3 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/dmtE6195c4_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27ddc909a924fa13e1c92c061f1efc24eb5851a8679a49b6d1cbf5b52a30bb1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NkD8cYDASlJU1GEhNvFoig==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5804
x-fb-rlafr
0
x-fb-debug
AeUFKRCjIY4MPkjHiE/M6i59vulkVdf4TnRKffd7GBLAYMM+cSwhBslf0hhduMMPDhstksdLN7+RjuXhy9pKVg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 13 Oct 2023 17:32:00 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 08D3 		588 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dvWT6EJnf3PNCgYjKHSyww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
338
x-fb-rlafr
0
x-fb-debug
RfNPbXU0ks9oOmaReKZb4qveyxFgGpTgaXuZogCCSAdOHTHcny8TGRJyYpOzFvgtbIxIWJeBBLBytAkhiadIng==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Oct 2023 06:30:11 GMT
UQf8KwbqJif.js
static.xx.fbcdn.net/rsrc.php/v3ioBv4/yZ/l/nl_NL/ Frame 08D3 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioBv4/yZ/l/nl_NL/UQf8KwbqJif.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
732a9d3f3ad459d02094d4163010c9bf066144eadad685989e90b55d124d8e46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LDrZ2bZrX+/9nut8bn/Bcw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7092
x-fb-rlafr
0
x-fb-debug
rVn4MSXfMUKitozZR/Xc/x5Ju8dXL+Ke0HAQbA6q3qrFLX42nhjBrLwA695Z+TSoocOGjoQk6Z7GSmji5tY9Yg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 13 Oct 2023 17:42:13 GMT
HIpG-zMFMaC.js
static.xx.fbcdn.net/rsrc.php/v3iHcB4/yo/l/nl_NL/ Frame 08D3 		336 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iHcB4/yo/l/nl_NL/HIpG-zMFMaC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f0ddc6ca5f282d4f8aba0b3bbeaa3666bd6b0769ffd70b45d6ae40ad0e4d85f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3bLJdUaDyVcADKzkduH+Bw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
80284
x-fb-rlafr
0
x-fb-debug
aoWDrgjudmznshNQEVR5IPdGy+K+5xX+4US+5oI8xuo5DQ9kDNU++Y/ZSPJziBly02Fl6yf1AwDcS69dBt8e/A==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 Oct 2023 02:01:45 GMT
fYcoadLKcqx.js
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 08D3 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/fYcoadLKcqx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
05d7b718b14633236a482ade1982ae74c25d2cfe73a43ca3e39840f6f093d71d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dnL8k+yw6LQd3AQoGk2E4A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
19181
x-fb-rlafr
0
x-fb-debug
fnw6U1si4jBsWk2Q4VUo7BJgzc4zdVJmLEIi15HvQ+BYL5RgsEQvzdSDoBvH2DtSHkwEF89u9VXY+ubnD7Y1Lw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 13 Oct 2023 17:32:00 GMT
XOGLqtK6SbW.js
static.xx.fbcdn.net/rsrc.php/v3iTWp4/y2/l/nl_NL/ Frame 08D3 		155 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iTWp4/y2/l/nl_NL/XOGLqtK6SbW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21c200b1b299a7327215beb7d700b4e38a31ed69be571ada397822d709326d6b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6CKA3/kEZV0G9w/ofkaTaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
42159
x-fb-rlafr
0
x-fb-debug
3DWV1Rh+8JSCAoLcPQNwdru92CRKszX/10cCKVOg+Wvec40lZ9Gw72TlTwI/aUikQZ4wwPitGmBOkXmjiKvyjA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:42:13 GMT
oDVETVg4GJv.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 08D3 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0bpo8UawH0rvYNearbkm6g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7236
x-fb-rlafr
0
x-fb-debug
nOvNfi0AVhk4KSvibTGKPFnIbFFkeLXiYOs73EaShtyhtHLBN9CTIvbQwbh9MwHD04qS8HowImXTgOxSaiP1Og==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 09 Oct 2023 11:01:22 GMT
tWToR-gOAEL.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 08D3 		210 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/tWToR-gOAEL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8274947f071c5bd9734c5e970df088e184c8f463ca9b72688b43eaeab2d635fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ASs/HK9M2wJ3ULde+FyQGA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
47802
x-fb-rlafr
0
x-fb-debug
VCXvKAHJFsnqvif4+/sSGXTnAt4y80RijdCm56meH6FYdM7vbkxq6w93z3U8qoqxW+AQytpsTxfMSbqQwIexbQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 13 Oct 2023 17:32:00 GMT
ehi71tw9UIC.js
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 08D3 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/ehi71tw9UIC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
49712020cdf04c0161b3c7d60d9fa6c073388f2ef009bbad6c5edcf123fa707a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
813e0p2VQavjAMRiz8/G8g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7562
x-fb-rlafr
0
x-fb-debug
G3yzcDFBzgo47TkCQGLdwgo1dkFQpYYJCT5yG+LloTw4MnsLV0Ahcgyrs19jm1PWOyfFRyyxFu1rV60LMaTcHw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:32:02 GMT
FLvtonlSna1.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 08D3 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/FLvtonlSna1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d6490f44a2180305b547c102812f520f01fb334f167db4091c1816b66166b9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4majzMI5X7y53cPlzz/opA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
15209
x-fb-rlafr
0
x-fb-debug
q3/PO15N29YzHPM05DPAvC9zs105DgiorwbrHgfdUZnIwqYj0xNAPWDMyXnaSV4BKYRhb1zlP/8mPLUPIwthRQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Oct 2023 08:23:29 GMT
278570253_5058389347574055_1940139956419344345_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 08D3 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/278570253_5058389347574055_1940139956419344345_n.jpg?stp=dst-jpg_p160x160&_nc_cat=109&ccb=1-7&_nc_sid=dd9801&_nc_ohc=OFD9ga0bFfQAX9DTNno&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AT9HwRIv5pDDPPrgqwv-x_zOcMFwaO-Txnm-mvVj92o8Ag&oe=634DC219
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd65581b93e9ce19d1bbdaf1e94b4996ca2b0a363bf52e6bcafc2ebe5c0da1b2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-haystack-needlechecksum
597238437
date
Fri, 14 Oct 2022 16:57:38 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Mon, 18 Apr 2022 11:03:04 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2729217192
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1713087703
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7617
298764951_480367680762156_7546136798228710458_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 08D3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/298764951_480367680762156_7546136798228710458_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=100&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=8ymETtAYGSEAX8_QazE&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AT-9iMhXjnLKFaPnRoYdDpcvXUyzkmLaFFx9Qk_pJ_ULXg&oe=634DB00C
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
da97b6661b2a61de0d56e15c069de457fae3f67028c0de1b8fbfce2c2bdfadf7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-haystack-needlechecksum
2131001490
date
Fri, 14 Oct 2022 16:57:38 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Mon, 15 Aug 2022 20:31:36 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1409629898
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1751217763
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1146
csyncs
ghb.adtelligent.com/ 		505 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=381325&aid2=467848
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19279/hbw_master_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ca461714b00b11229550ac5bb7fd32ebcb5380c00c9337f0153d01ddd785eef5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 16:57:37 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
325
fpdata.js
gaua.hit.gemius.pl/ 		275 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=ntn.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
7439c201d635317d134f877d65e6c8c856e11d90a8f9ba0e49fc105646f2fb8b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
275
expires
Sun, 13 Nov 2022 16:57:37 GMT
lsget.html
ls.hit.gemius.pl/ Frame 777D 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-146-59-30.eu
Software
GHC /
Resource Hash
7e9418a4e8f5f6d1edf0d756d7c5bd856a21dc20a4b1f143ec1e026e6138bc68

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2712
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 16:57:38 GMT
etag
PRIVATE7520710249
expires
Sun, 13 Nov 2022 16:57:38 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=363534785&t=pageview&_s=1&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABEAAAACAAI~&jid=700019490&gjid=1669184067&cid=167208625.1665766658&tid=UA-3902239-38&_gid=2090040133.1665766658&_r=1&gtm=2wgac0WTN3THZ&z=377588405
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
csync
sync.adtelligent.com/ Frame 8DAF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={}
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={}
  • https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=a44a9126-976d-4c9f-93a2-90f02ddf8c85
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=a44a9126-976d-4c9f-93a2-90f02ddf8c85
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19279/hbw_master_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Content-Length
0
Date
Fri, 14 Oct 2022 16:57:37 GMT
Etag
a59ae39e310cf151
Server
Adtelligent

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 14 Oct 2022 16:57:38 GMT
Location
//sync.adtelligent.com/csync?t=a&ep=736011&extuid=a44a9126-976d-4c9f-93a2-90f02ddf8c85
/
csync.loopme.me/ Frame 56B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19279/hbw_master_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75a1daec88acd0b9-AMS
date
Fri, 14 Oct 2022 16:57:38 GMT
server
cloudflare
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=9591dedf-1120-4045-8ea4-e2d33ba3b18c
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=9591dedf-1120-4045-8ea4-e2d33ba3b18c
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 16:57:37 GMT
Server
Adtelligent
Etag
a59ae39e310cf151
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=9591dedf-1120-4045-8ea4-e2d33ba3b18c
date
Fri, 14 Oct 2022 16:57:38 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=293798261393374&ev=PageView&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&rl=&if=false&ts=1665766657931&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665766657929.438015360&it=1665766657683&coo=false&rqm=GET
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Oct 2022 16:57:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
collect
stats.g.doubleclick.net/j/ 		1 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3902239-38&cid=167208625.1665766658&jid=700019490&gjid=1669184067&_gid=2090040133.1665766658&_u=aEDAAUABEAAAACAAI~&z=712219841
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 14 Oct 2022 16:57:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds.js
pa.tns-ua.com/viewability/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cds.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
last-modified
Mon, 02 Jul 2018 17:27:00 GMT
server
nginx/1.13.0
accept-ranges
bytes
etag
"5b3a6064-9c3"
content-length
2499
content-type
application/javascript; charset=utf-8
config.json
player.adtelligent.com/exchange_rates/285082/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/285082/config.json?cb=https%3A%2F%2Fntn.ua%2Fuk%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a639ad91b60bb2725eaf72085318ca47bc310f4569bea736c23c8cc347dff956

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sun, 16 Oct 2022 16:57:38 GMT
date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 12:02:11 GMT
server
nginx
etag
W/"6347fe43-199b"
content-type
application/json
access-control-allow-origin
https://ntn.ua
cache-control
max-age=172800
x-proxy-cache
HIT
integrator.js
adservice.google.nl/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=ntn.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ntn.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		674 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4066056206167240&correlator=3096047263452148&eid=31069181%2C31069635%2C31070374%2C31069354%2C44775319%2C31068919&output=ldjh&gdfp_req=1&vrg=2022101301&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_NTN_Background&enc_prev_ius=%2F0%2F1&prev_iu_szs=2003x1300&ifi=1&adks=1445112672&sfv=1-0-38&fsapi=false&prev_scp=welcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM&sc=1&cookie_enabled=1&abxe=1&dt=1665766658081&lmt=1665766658&dlt=1665766657007&idt=1005&adxs=-201&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntn.ua%2Fuk%2F&frm=20&vis=1&psz=1600x1786&msz=2003x-1&fws=512&ohw=0&ga_vid=167208625.1665766658&ga_sid=1665766658&ga_hid=363534785&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f30abd448ec6baaf74984d1575b669ba98dc02a92bf60105b46b1f6a2b454fd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
347
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FDA0 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 16:57:38 GMT
expires
Sat, 14 Oct 2023 16:57:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
arj
adtelligent-d.openx.net/w/1.0/ 		173 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fntn.ua%2Fuk%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=769edf83-49d6-471a-82e3-c51372ce6133%2C29b44037-0938-41ea-a161-283a33a65a4d%2Cec2acea7-88d6-4903-8554-f6beffbf69c4&nocache=1665766658154&gdpr=0&pubcid=4547867b-1d3a-432c-958c-a8ba1809dbf3&schain=1.0%2C1!adtelligent.com%2C283366%2C1%2C%2C%2C&aus=970x90%2C468x60%2C320x50%2C728x90%7C240x350%2C240x600%2C300x250%2C240x400%2C300x600%7C970x90%2C728x90%2C468x60%2C320x50%2C970x250%2C970x150&divids=div-gpt-ad-1516984831775-2%2Cdiv-gpt-ad-1516984831775-3%2Cdiv-gpt-ad-1516984831775-5&aucs=%252F58302844%252FSLDS_NTN_Footer%2523div-gpt-ad-1516984831775-2%2C%252F58302844%252FSLDS_NTN_Premium1%2523div-gpt-ad-1516984831775-3%2C%252F58302844%252FSLDS_NTN_TOP%2523div-gpt-ad-1516984831775-5&auid=541177132%2C541177132%2C541177132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5b214f416301eded0275e66341fc28de2c769b31b1aac066b2aa52e79e39a69d

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ntn.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=8332332123
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Oct 2022 16:57:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ntn.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
/
ghb.adtelligent.com/v2/auction/ 		241 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
92ea97e7efb343bd3a8df00b11901d2306324d5adf2d2761d381813bcac98332

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 14 Oct 2022 16:57:37 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
147
/
ghb1.adtelligent.com/v2/auction/ 		3 KB
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
58dfe83deb32d2fa1e80fa2af2e5d14be1fa0fc9bb29edfe5e9f21d438734402

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 14 Oct 2022 16:57:37 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
384
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntn.ua
date
Fri, 14 Oct 2022 16:57:38 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ 		335 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767336&size_id=2&alt_size_ids=1%2C43%2C55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4547867b-1d3a-432c-958c-a8ba1809dbf3%5E1&rf=https%3A%2F%2Fntn.ua%2Fuk%2F&tg_i.pbadslot=%2F58302844%2FSLDS_NTN_Footer%23div-gpt-ad-1516984831775-2&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=769edf83-49d6-471a-82e3-c51372ce6133&l_pb_bid_id=311302086557dd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F58302844%2FSLDS_NTN_Footer%23div-gpt-ad-1516984831775-2&slots=1&rand=0.6199575703856612
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ec72df6977386fcdac6ffbc951289c4f1aea0a2eaef62a83422eb303b32e5bb6

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://ntn.ua
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
335
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767336&size_id=15&alt_size_ids=10%2C17&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4547867b-1d3a-432c-958c-a8ba1809dbf3%5E1&rf=https%3A%2F%2Fntn.ua%2Fuk%2F&tg_i.pbadslot=%2F58302844%2FSLDS_NTN_Premium1%23div-gpt-ad-1516984831775-3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=29b44037-0938-41ea-a161-283a33a65a4d&l_pb_bid_id=32c404b5c193b56&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F58302844%2FSLDS_NTN_Premium1%23div-gpt-ad-1516984831775-3&slots=1&rand=0.5807850506666243
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1e881bee4968ea66e5abe34de441febc430ac61686c0706ce72cd5b99cf610e6

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://ntn.ua
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
333
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		335 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767336&size_id=2&alt_size_ids=1%2C43%2C55%2C57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4547867b-1d3a-432c-958c-a8ba1809dbf3%5E1&rf=https%3A%2F%2Fntn.ua%2Fuk%2F&tg_i.pbadslot=%2F58302844%2FSLDS_NTN_TOP%23div-gpt-ad-1516984831775-5&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=ec2acea7-88d6-4903-8554-f6beffbf69c4&l_pb_bid_id=334f49f1309e4e4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F58302844%2FSLDS_NTN_TOP%23div-gpt-ad-1516984831775-5&slots=1&rand=0.872356633323027
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
db60a768c483659f46a67e2959aefa707b55b8b96e99b5faee357a3737d46be9

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://ntn.ua
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
335
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		24 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
7bcc57ca2406f852508d6002c39d75996a862c3e8389d1c63c9a61a42a408485

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
pod
X-Sovrn-Pod: ad_ap7ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://ntn.ua
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 08D3 		573 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/Jhpam8SKQ3I.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/Jhpam8SKQ3I.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
Ql1JWoYRabFEqPyoxJFHLaZfnJDDn4dALCfCLeE9POXMoPiHmwVODVaN/6n2dRg604kupy9B7KIz3cV6mu/Ujw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Oct 2023 06:10:13 GMT
-a5s-xpqOxO.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 08D3 		160 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/-a5s-xpqOxO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/V_wJ8EQu-vo.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5c1285a4ac2eadeaeb1861f7863adb0a97a0a601308d4247e7e81fd79fc611e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iNoBd4sMqv7uZxE7a8rNPg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
47814
x-fb-rlafr
0
x-fb-debug
XsNzOIQFS1fukgwpEh8lTuWXPoSkb4HrXz0trvvcDPbdX7UuIG240F7yYp7IM0HnhYJxHvbqqnn10PXqGBRw8g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 13 Oct 2023 17:32:00 GMT
0iiVhQwJxVm.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 08D3 		369 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/0iiVhQwJxVm.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/V_wJ8EQu-vo.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a92379341fb4f1f929f52906cbed5f35bc474ad6e0dce7713768bc8d8c156af6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xtCM50AYgTdsxWznXFe7ZQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
80390
x-fb-rlafr
0
x-fb-debug
G6f4t6FM3XdzXuv8uiGvZba9L5XYSftWNUzvZBgBg5teHUzKSbqzg83T2k52A6LoYQvz7LLorGEDA5UU9w1S+Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 03 Oct 2023 19:51:16 GMT
Sn-_BbYnlN4.js
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame 08D3 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/Sn-_BbYnlN4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/V_wJ8EQu-vo.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
689061066181e2f80c455652eb892d5f2753f4efe880ac9b8924e305f1952f4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zI7TYFgzXoPKVi46GwXagg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12883
x-fb-rlafr
0
x-fb-debug
wB88evCwb/MRjor1/mi9aKDPR4vAwLA7XmM19i3y8afaGi4/sf/XI1K5Ub3Ix/rWOTw1p2ZCaTtF2wLKiSl+/w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 05 Oct 2023 15:15:33 GMT
rexdot.js
gaua.hit.gemius.pl/__/_1665766658207/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1665766658207/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fntn...
  • https://gaua.hit.gemius.pl/__/_1665766658207/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...
169 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1665766658207/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fntn.ua%2Fuk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=CoVw_FSfnxNY6aPmw0CmAn7qkkirzUoJhx4bKbYJCar.K7Ug9GoHEY.k6eSqmbyUb7BD6sxg1CBhCGTxdnTo1_poEy_g/aLYSlxvzYhfkA/&ltime=324&fpdata=wVd764c9CMRkOFz53C1iM_xfJagY4jistMxCQAp89Ar.n7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
3d5f9fc516a9901a8fee7522baca3e62b77da8e63ede0066484bbe6c0bcfa9b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:38 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Thu, 13 Oct 2022 16:57:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:38 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1665766658207/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fntn.ua%2Fuk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=CoVw_FSfnxNY6aPmw0CmAn7qkkirzUoJhx4bKbYJCar.K7Ug9GoHEY.k6eSqmbyUb7BD6sxg1CBhCGTxdnTo1_poEy_g/aLYSlxvzYhfkA/&ltime=324&fpdata=wVd764c9CMRkOFz53C1iM_xfJagY4jistMxCQAp89Ar.n7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Thu, 13 Oct 2022 16:57:38 GMT
cm.html
pa.tns-ua.com/viewability/ Frame 93E5 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cm.html
Requested by
Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 16:57:38 GMT
etag
W/"5b31038d-b5f"
last-modified
Mon, 25 Jun 2018 15:00:29 GMT
server
nginx/1.13.0
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=FE2268F44A7E41E68DDFA3EBFA7A3A63&time=1665766658002&location=https%3A%2F%2Fntn.ua%2Fuk%2F&referrer=&is_flash=0&session_id=685671275&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 14 Oct 2022 16:57:38 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
pic.gif
pa.tns-ua.com/bug/ 		56 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?uid=FE2268F44A7E41E68DDFA3EBFA7A3A63&time=1665766658307
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 08D3 		886 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=1369660723113621&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i2tE4/yW/l/nl_NL/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ee116eab2986f53121655e88036f64581ffe19572dbc05521d14f506adc56fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
ugYOe0DR6ZaVFpfmdjfybM
Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 16:57:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
ao1/DG/POaSiGsQbh8WL99obqVnhIXG0bkPLTnlA0VHsuatq19s/bo+kxkPMZvGYq0nv5exojtZyRWr3Pler0Q==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
access-control-allow-methods
OPTIONS
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=ntn.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ntn.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
23079102_1358876393903_closebutton.png
s0.2mdn.net/ads/richmedia/studio/21515482/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/21515482/23079102_1358876393903_closebutton.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:02:09 GMT
x-content-type-options
nosniff
age
78929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1623
x-xss-protection
0
last-modified
Tue, 22 Jan 2013 17:39:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Oct 2022 19:02:09 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4066056206167240&correlator=1915213968237828&eid=31069181%2C31069635%2C31070374%2C31069354%2C44775319%2C31068919&output=ldjh&gdfp_req=1&vrg=2022101301&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_InterGroup_NTN_Catfish%2CSLDS_NTN_Footer%2CSLDS_NTN_Premium1%2CSLDS_NTN_TOP&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1366x180%2C970x90%7C468x60%7C320x50%7C728x90%2C240x350%7C240x600%7C300x250%7C240x400%7C300x600%2C970x90%7C728x90%7C468x60%7C320x50%7C970x250%7C970x150&ifi=2&adks=3749508852%2C3558692828%2C952306158%2C3762424195&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cwelcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cwelcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cwelcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM&sc=1&cookie=ID%3D17b244608948b6dc-22437d1347ce002f%3AT%3D1665766658%3AS%3DALNI_MYU2DzuzhKMcMAiz7C30Klrqz9AGA&gpic=UID%3D00000b72b59dadd3%3AT%3D1665766658%3ART%3D1665766658%3AS%3DALNI_MbZ8I9sXRUdCTO1xxCK8DiGm8mBqg&abxe=1&dt=1665766658373&lmt=1665766658&dlt=1665766657007&idt=1005&adxs=117%2C315%2C1004%2C315&adys=1020%2C1786%2C362%2C25&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C0&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntn.ua%2Fuk%2F&frm=20&vis=1&psz=1600x2256%7C1160x397%7C300x0%7C1240x50&msz=1366x-1%7C970x0%7C300x0%7C970x0&fws=640%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=167208625.1665766658&ga_sid=1665766658&ga_hid=363534785&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d7f74d151a3e2ca1976ee3049886420f6b85b22c69e18c4e06d8a20ac1e96bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15412
x-xss-protection
0
google-lineitem-id
-1,-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ksSG7BCGzVy.png
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 08D3 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/ksSG7BCGzVy.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/uNC9cVrg9ND.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55e8c619d20bc3f1a22efd0fec83dba0d8bd9e898f0d5847eaff094f0887fad3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/uNC9cVrg9ND.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
x-content-type-options
nosniff
content-md5
uyn8DKg02tdFYyt7qV6IBg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12111
x-fb-rlafr
0
x-fb-debug
bSsU82cYG2Hl4w0nOdbbAyjaxvp4TYC0ie9olQD1fhoRFAuD27vI7g2EOIxsCrGFOOPfsqifb9iBjoux90D/gA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Oct 2023 04:20:02 GMT
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 08D3 		279 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/V_wJ8EQu-vo.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QusOzUJEj2HVYgmawONobw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
189
x-fb-rlafr
0
x-fb-debug
TukV9/tKJJSuV4yEYPipVkOpHivCmmzSfEGltHOZXgq4XjHTjs/+HkS5xKOUiQMMUzMdGLBUp1ltYfxVHIDSLw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 12 Oct 2023 21:08:04 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=293798261393374&ev=Microdata&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&rl=&if=false&ts=1665766658433&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665766657929.438015360&it=1665766657683&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Oct 2022 16:57:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/login/ Frame 08D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flikebox.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fntn.channel%26width%26height%3D260%26colorscheme%3Dlight%26show_faces%3Dtrue%26header%3Dtrue%26stream%3Dfalse%26show_border%3Dfalse%26appId%3D219434378199819
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/V_wJ8EQu-vo.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Oct 2022 16:57:38 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
UjnnYUvQUDTHst/1HtPpkEfyT2P0MF077VK6zaMqIO373WBaC/TaoIaL3Qeg6XPB1/kEduP70BmZmQjk2JnH1g==
x-frame-options
DENY
x-xss-protection
0
blue_bg.png
ntn.ua/images/ 		920 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/blue_bg.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce04189370ecaa0cc5e3f50d3311f86ef42ea688519a093319460e54e43a9f9b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aufv9%2FAPbszvxtTlrzVU1FeFxQjIpjQJ4rev6AiOjEFq9rfZ0nDAX98mKKF%2BoHlJgXqJQo56NrYl%2BFf8AAAV%2BSqu56dtPuV3j%2FgQ8Hx50d3b6LQa5%2BAVO1SvwuuExaknLDZOq0E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1daf0193bb91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
920
expires
Sat, 15 Oct 2022 16:58:42 GMT
bg_direction_nav.png
ntn.ua/js/flexslider/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/js/flexslider/images/bg_direction_nav.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/js/flexslider/flexslider.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88bba9edfe62a220e90be5fe1ba14c9ac751490f500b1e6e5fe25cb2c824c9ea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/js/flexslider/flexslider.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-1966"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1Kd3iVGKO40BI%2Bve2Fp1J87cbIT3D0fa3bDQBBTAb6zLsdOoCAH%2B8W1br7h9Es5N%2Blpl%2BBgS4f5ehvJjMFEZIf8m%2BflFvx6GF%2BVyNqJa8mnuccj82QIudKSw0%2FQKMSkzIUJyGY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
75a1daf0295cb91e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6502
expires
Sat, 15 Oct 2022 16:58:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6abfd32c062e8acbb76667518bb240df1301525e96e1d8021eb9d4476b742552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11142
x-xss-protection
0
container.html
bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2682 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 16:57:38 GMT
expires
Sat, 14 Oct 2023 16:57:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A432 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 16:57:38 GMT
expires
Sat, 14 Oct 2023 16:57:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 16:57:39 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B89C 		624 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLitHRCGn0cY2aGp1AEwAQ&v=APEucNVjM5yTfgZYDbFftHxipt1sgVQWz5n1UpBO4uUm5hiEYQrog5ItRjUpfohqeIgw_IL0Ijl4dZaIYLPOo_L0IVNJvm9mOtniNpzl1vaWOdjSLY7DS8SlLC4dFV8F8R4RIaFoAH-6_gCX_S5EhJLNOu2FF29kaTrPv7s_J8IILVWEQE8_y2E
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 16:57:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A432 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6MHzw-OkBqEgFO_JkOpJ26ZUSKjmiF_1qCfSUTvZnUR4G_Jeb39LNZ61QYAujB6Jkr_l7hYYmHEA7Ce--Bs37vtUy4g&cry=1&dbm_d=AKAmf-AkEgMc9ws_UgHnagnu1tM8beqfX5x8QyUVupPhYbkT2X9e1vXMOd5MZG0rez-dYoLna-rGHT0rOh8HN5RZ2ZWnVUYSQTV1oxpxdipEhNDcqqdOeYWpdzYlfPUCEd8_phgyctZglKz1nAQeqCAk9cgeTokSPok4F8_eARO9tzHuo2h6POdnE1iTQqh0PwQLdXmcQlOCCEJfXIfU-ldWvGayt44OfY9IZw0TK2jn9_kAY-NnFy5NSK3cZzyoIpcQHr1UOjtL50uuw5aiYbuJlrFe8ndUL77cUAVjqmHgdCPRMAvCg-v5uFpq2zjsIcX7PDV47RIUA3gLUTpcTz1asYfcYSGA2GfWxLlYhJf0rhyrzNUyZ3D8OUfIwtwnYXu8yWSaLYA9hOwDMt8EZfD3z5h65h_d2ziSvStZfzsjnwKpKo9utT2_sLgRgYa9L_U_C9gV9Ug86CqHDKhZXWIG-6nB-dEmzGh15GEC9KMu44J1LgBgaUHsj9Q6oHzHxlMn2a2Y-soiqZ3uDjLH8ldgYzq2sFbXg0pvzKKQ9lwTYpJkQKy47yDmgohv7TwZNL3I2SaG2G742xAj41l3yRXOnsthEa3bte6Hl-sBONPLoIi_ZeA9qm0XjN1Qfr35gT_d6HpsvFdbcVf2k9kRsXowQsZ7VMDG0Rc47jX53yKUO9z1Rq2zICJqmPZZn98ImSxS7FzSRzSeF7EnhpwqMFmmaTUJnFwgZw8-gfA1QJ4i_XHCHRHcs3b464wPHOWO-MLYPzPzNN7i0sm1Ajb98XAlvv7p7I6HDuI7ZLTDphrVB8hgd0x3CqdgJXkm3bZmRz7sZQCk9WSWNMGuEhc3OoyEDk0yCyDt1KwzUMdAzBAyzbxjiONhpYb3Za20fFJSDUL_LqcV4Xto0ET6mSqvARMd1cnllABB6O5b5DsAGDqa4dOrwfG9RqOBmmT6jDnOK7ycvj0kL3rBcnVohAkMPSvSp_Q7Pt-j_SNDtpmXmcf9a4HRzRM8isGllssDz6xYFTLN4lUynmt9uRu5jyKFsNZiULPs-Bo4AKF7xOtVvirQ5K6N8iFCXypRgM5zUY_l0mYJp5bYMUj15RJ9BaZsgGUlJwkrBmqOWlmW7NiuZWxRgIqpgq97jWA8K8VoRjvxBaHDVMeIkuIWbQCFSjAzT17w-waP_o9G9K5JUYqVyd2TnddFVzt9Ni9k_rASRVieTVH5Nfhat0WiHkTk4q3728-QtMytPkz_AweIQpVHHUOKryWazJabD2iNIet-GI2H1YfD0PbrWiCSuHFmHKQsR3liyZG6IKGlo--8Ho6DCZMs0mEp4fFJebco0PH90aDkMvCyySy-hqOkPl-lm_fMbtRZts4lGyv1eLDzA29UFNUypMd92dMqo1A8YAh4iQ8oCa0XSDK4Cz1uz2g_DTHRS0daOdaK7yB9S4NIMQ18E_7rOQz_u5BUwdz-l_-9xITr-opr60cHbyFiT6fx_KDSRZ-GPP7-weJVUkN6g1lS3Haga_8XBQZeKuiiavIo-60HG9U30EQMmwyhFSXzGuBPgN078R8ZzFGT8THcEug-AqPjRcmlYBbg5q6gOXU-D9fiyw1Yu3hMJ3PckLk6TwtgxC09QXEX54HkOYDX4LzdnqK3CEVzmbP0H2aHgr2hYHgPqjCHZpLspUm0_IlEvCFMCDpeqzX36UcQ2CE0nIQoL1c31CK30vwHAwZKunyXDDh2VvxtvqpLeuYKuc-6kHsEPLsJMccLZRAuXcoXoRF_usv_Skabo0nGXfE2XEbSE-ePUSesomhRX2fEzZF2NyaP-ngs_ECcRKsgMjftZtN2fBr96O_ap6A_K7glNkgU2R_ceNWoaUUju-CSyL2tq3UpmTckS93ACENgyfoJv9EdX7gnHvj_cZSDOwOuMakelx8AEUgb1dO25JclYQyZykyDCEimdV3rwlV3EDDwptZcoOxk12C909TdLVkh1nAi4XI3dtSbY2K8o_6AkJQfSxYx-kEcZsOIfhxWOIrnkExLC4cEFc0Z0El9-U5zyUlKuu-wrNMmyNPGmTqJhWffqcrBfrRGa-qIRL_HWlg0yYCeXr1xLG4RNqwIeR2_ByWC0ws7N8xtYHyuwzXATdsYXTYZqXt6BgZllD8Yteab3Pnjni7U69GDZaX9o9Uy5Lo4RyI0e4DnFPbzr4belQ_uNKBEzC6OMpm7iqXKWqjTYUtGvOi6AVSaajmtMaIDFpkhZbhV10--X2AswRyWawg3tlkHLJf8ch5-ksY24OSG3kyrn8R8YZkWNZIUErLy3Mh0TZxGC4UUrYFxMFBVfYCcrFHgCGS_3UaCFJxdYEpyUjaH_EA7daL_p6BQHcumiHTUxrxo-SYCKn9jS0iMvRLqxheLlnUcDhboJc7rnh2DS2mp-YG2OEk-kskutOaDldS8ydk8bc9wo-HkGfLuwgY_LjThWpQYZQo0_oHL6G4YlZsF9UNEEpQDyNhtQtMzPdmwgkPiKCfwc1wOJiBRZSOM2Qa4rpBqtF1kML30qgi2wTM6X0M5FzGE6zbEsxA1eX5MqtyTVLhSa2mjIqd5VlR2hAYODXWonvP6TVWEa6A7xPpLGFbDIw0hYvVn0JwIsXcey_YL2dVh0kR8VIe3ND0JPGcAV7P90pDrwSYEzRbfZWVUSBS--s4CkP1jey6A6LZq5B5O7_n6pTLfou9gOJexjnRYD_irJCsGLzmHz-9r48420HIJCcW9LPpZI8jgm_Yv9LJ93ejeXh3uZWX1gfPh1eUH2voar45oxyUMed3eJdh8IgNJyZ5hGqaW856mUi21a5u3ZSi4xeKpI_ZGCU-emO-ztJCWEwUCKDOcJ7vZp5LO-3faYCCF5NCDSjNOWJ38WFq4KOWLboqq0S4jPwvzf5GS2tuq0uFvTMWMmvtxyQV65yTI8FxVhCVrquave3Hp0q4Us2mK_jmox7WYQITLh0SV2p91xFDOrMjCHGl9yxE-XoOJQNiiaGfZKyibKxCJYKHvcA-jhxXIKOuI50p-S_liDXH-2bU0q_6qu5I6OKMTZOdwHHyVsfvii14GOxYU-3t9uZhraxAmP9DzfR_x-tki4AeBtFMml6H0Fn5o28ST_jYHMHpeMmypnaZyO_yg_h4KTz6mHwDO8eDqRG7izIkGQ8AyYl4mVsjq03Izj1-kscNAmyIzXG1D3-6GTMwIrXA7NHnBTJs1492k1jCvCUBQ_ZWpjDrvFbvTy5usYtgd-WgRuVjjQjuKEbKpUkCuHmZllKjGGAQjMV4dVUugGprsbyMuIPINvs8Jk7WKXZ4fplGJmo9PJfDElgM&cid=CAQSOwCsnQUx-Sk3EaMnT5wJPacetwmeeYzE9l2c7ehIsz-qnEWavsGewAnp0BIMVEVsZfDfuFg6GrloY6XqGAEgDg&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
344eb38594dce12c6338a5ea805448773c1e99100dc8df459bc44d3b3b337a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34586
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A432 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DdvAmbpqbc_fpLyV-W1rnhi08T3QyObK_1O73NH_BMax5KAEf-9zmoY0iqAL5v71dUbuXCQfJVEhZhDIA17bmw2dGSxCyuVnHFMn5XxdZ_epNHaYQ
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame A432 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 13:24:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12791
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Oct 2022 13:24:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame A432 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 03:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Oct 2022 03:07:35 GMT
l
www.google.com/ads/measurement/ Frame A432 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXFi3QU-60HFuwy4oUXe4HYZEmDrjPctHnpm_n5slAXMa9RzSQ-A-nrEQCMmVeZsKXRWcbWfO26fNn0yLcyw1PkA6ZoQ
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A432 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 16:57:39 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4B19 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYoa-lwAEwAQ&v=APEucNWMWE1ExmDzJPJ71zrgdGnVo8bq5OL69NAV_SNc3t2Ms5OWWrGLNoFbBE3iLGw_Hf7lkkyVxizQPyPlf2oBnEunFYN6HSEsu29O2_CmV4Hluy_fgWktMGcirCUv2sgULHyH7pUUExGu1OOVJubPJ_4AsDHxeZXtNJ74SX1Dw1ZTMHDgtsg
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 16:57:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2682 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B15LDQLd2xH3RQWfA0ZqWkfaJZO1TTrxg3F-eVWbaGB-oqipAysjLIZGomGaZ547xcd_spJYRB_OJs4w1CL6wZ_qN2ju1cMrw1EOTonadBKX00ZcI80f2l5xxVGRCp-Jx3op3OVLytZ1LQNdlz7hMTJI3kmZW444tPkg881wa1oiKqAVA&cry=1&dbm_d=AKAmf-CuYqUyfm_NvtK7h_JCz24dUheSRLsLCwdgfE7o6ZJlU6Ugg2D9I-d8VSuyNAjtdttaUeQhtVp8uebT9MlWWKLy9fcA8crAZW_kQx6g_U6uIJtJr__X1GBMEsXO3-pD3uY3yay-cS4G__q22LYxwTFe-7NF1iKTFK5E8kl91Amh1BFN-j895r-XU3ecwqOgmKJ9EvQ3v9DubIXukw2JwFSv2KJGpazvtClWsimqpWwFgJbMRzHjhBFK5Y_exSGe7yo5-dQDTN6luYKwchh2AlEvaS3tn-DiW8f2zI44SP_RswUh_fYgbxv9NjWrSAO1EMHnhGMzqzASaOnG46mYjlkfrgXgUrjQHyrZme-z8qjYOZVlIfbBAS80yVGcWJ6YpNtSiSrp5xHirAEpr6WFucB7DM76nYxgif8X3avenKiWF5zs8eHdHanh6o4S7zujFCl0eRtitTrEqjGCO6Q1FI_NvwvT36Lwz-XVCNTpIv_7CrSt7rPF6WCaQlMs07MUTjI8ZA8jvm6sG0GKOtwisiQr9qVdr7iiUJky8fQ-tk3y5dI3UcTBFEb8aOGiHwIjjzsbLSrVusr-kBNrjCux6ndbSb1gnfu1IWEDfbaJZVtMK5bR6-0II4_sGHwDircq621CajLN1kyomiSMmhhj5M4WFzUQGNzxbAcDkVyZmsxQk7PF_xfe5pEAQuJuLAooU_h1cQjtw3UHTI8t707B8Nbxli8a30AkH5EQ214dyZyVdjlANjUjGn1srqCGnK0LEav0bRyXetIepwa6VJiw2KH340mUXhWQhgXQNbH81zabacjGLbbG0P6DWqWVGbid0cfLJPfWkW_YUHKRQEpK-wuWodARLnA1Ucp8pqQxXQI4jLg8NpRyAlKMT20HS3KM6s16CM070T0zlmvBYomF4joX6dvNTIyFmz9jlmzSfQOKwxW-fuiduxW4h_UmQXfS37GQSt2Bjt5HoMW5qzkNwafLDLd3pPLt6GCs6X7FUxM16RiHOFxYyu4BLzvrMHhsnflSgVwqYVScG9wb03Byqvi9TVboneXaM61mJ2WPx3ZozBoB0ca1EQPeb7_sERZ5aY3KSyVhHzwnrYbTQyTE3sEIj0YLW0GoZZDy0iHFO1nkGyBxHWBiaLERk_e_1xnJcUCNGcW5vLtnaWraPKhMYVAC4E58wCcb3wufjrrI08LRaJGUda90NeaHxBK9yeaVPu7lhnC6xIQgbzAD-RukmVuSkJt67Ed7jIFgfWYfdovdNdJ97tlguWsHuJd5D2DH5oi07R53XIBJjcsvxoMVrc0v4GKEZPwqgNLl59EFx5Qq7u18zqynApDXLsPTIgrYmkXwGPYwCw3gKz2_UkkuwPphcjoVxGpK84XQUa3dlX--StzVnhJOj7u66neAZLDmN3ivVX_eh-X9ZunWKAyQFgPf6lxjBVU4Uf2tKTdXx0acadniig3kwABqL-sipF0TMkcbNRyALnDKkx9tCQE_d4Scxj7tShC2jElTNofopWoAFafRwgFHEzk07oZMJGa9_vjy-qX7JKUBiBruv7gSUxa8QPp4RJFYtQtTvjd50_86ZVBdmzkiy2CepLe7b7KnkB5mt0rRro9-wd0Ia1ppytvmixONZHAW-qBDTBto5ra59mXZgSWp1ydH8ENISiY0PjrmtVc2u6kluOSEYDMLCNONU_2xcDD3iLyNJbxqyZoYGSUJhMC89MfpEXwO86d5R5ar7DfdGMKgkkQDhIN6d3gO6bquwLd5zX62chKjKYHtv1YnrJfnrmQTorV4C1aa14FsuuUuMJNECqEUcdZH42V8uNGBAUrQarASQ4mSnRi0GI3qUQm33OfYptf-7znIfQ8M1g5ybMu5NFrlr9CYUmtlcOdETD7_AraGDbtHC0fUNtNgkRnC3dtIaEIBWXwh0qX5hf2qZiGso311iuUgiVZd3G4M39F6u3FOFhOrHErMpRnWprKmUqTQR9rOZAhiKzIauoG9ueaiETk1pyafV2WksB02sE2dnCZSway1i3j8bR5w_p9ZHdEit-RkvwVDKljJRhkTtVbrEMHIgpXUBqWIAh1ixgtLPo7cNMYvY20adSoJccQHPUaF9wU8wz7kdiH1xS4eRzxMcznu9RuagQmeejslp0POzxM1pJVB3WS20k3is-uy2H6YH5tTCVH4sGUZsiFgp082kPONINmOz6CALAQ8Mpqf7uK6WqFc_z3w69L0TAdl5QNPZ78QeaVp1OuHcz8D2-ZCvrgo_72k_VqoHwRPHw4yWDm1sGRA9B-I2W3DvCnNd_qlx6Vz3VnKbnEXwU75E4rYEmyV9rjFLRlOF5B4-Mfqo3U4kmMxUgIPSV06qsdmX-pvpzi2S5q7FGv5njLed7nBM0BBNrXi_ZXghjZy7i7T5KgSoJHFjiJJiXdOeVuFZsSUe9GTrUXQEQli9syBX90BoDIJyz0Ma4FqFcp32VQSQTUb5kDJlR-vxVpxxBxtNyyBIjPfgHuC_TpLK-ZJENp096g7WoUtoKWFnHqYWx5cQcmi-RWkSWx9N9KfVhvj3CwB0idrFZ9JfxFbAYj9aVPsY-I0-u-IDrxN5eGWq1wODBsUYmN8owE4pnWWOy0g9MDPvWCUGSikxWzKfhu86k47UY-qJ88B34aqYsN6h9wtDRluo2R6PK4lTf4DNwf5z_gCOQK8o_B3tZ0JO-KJ5T_d0i7MtjfcGC6s6Z9-2VEWXXiGCtQ3NLKuPND-5P6uVtwcRYOCvuD1xuwLWcy8BQYtygj4OQkqnbKbNMkRLvXbBC4ZVVg5_IxUWn_sp0QhqtXCL-Wn539pQOMz2mRY9u5kD35E24oEAMD9kcyMR9qPm-Nrk_JWLDsZKMdE-BToTcu-lN-73yz06JfW3jtIASvWnAnGcEza13TXge5mLSuWnj_2mnTgdO-PJum18hikPMRXxP1Hr9RBW6GuE2CKXhWTTb1m-q1D9ofLfZ0QdtQopVOkI-iXaOjg6hCWJtAXj9Yg8DqDzspEwzPRREGAZW4HOun1XY1sK9-LLhXJ29VAIfovCTWeP_Bvz_gLK-UayJtKaj8y8uS11T7ffo0hYdNIgiGPTAnHS2xGgJ_9a3pQMHZruunJJn5i7BzQ0vvgZoAwWkZh5XEoLpLE9HjInl-kZI9TnJoFrgPphXnCvvsR2uVq80fhyIEYCqOa3mxm0v0JYqEiFRM6H-mP8cZWlcGvVVTueIz9vkoZ1vYELR9eC3XNK1iR0JctRhll8vPviJdcvaWcdVAv9rrh4zM_PhQ4M7LGDC87UG6dCpCz1HZHZ3EVGrQkyi-gDNKZu9-Ga1JhyP9UKddoCCA72jip5t4f8FBoGbSKTumvQt4K-Inm4aNMRkC4lfdtq5Fe5gja6iUPTfSW8opSfjDo089Iwg_b0u-tLTsx6CgxR3YD3roOurRIbMHOf9DGtXpdIAf1QnZqvYgaZXvJt5EWS6vDjCuRWpaTuiB4zrunEB85rP8UPYiEzO7TNSS3Rr93XekmxmsqqczuONkzKxSCivp_Blp8Jgh0NKrzZ3qu8vvRT1QHwuRA0_jmN9-cLRUxkIG0pz-urWm_OodXmsad0lvV_WmLigOPbwAFEOlNpsgFiUxO-D7h3KCMiC8AeGW7EGbUJ5vVnPgqf6IWqmnnRc32LCIGueruQI9Msv1qwlIDeZEljXim-cogMfw_tmAW4bZHRODuPRrxqaihUG4lI3M8PC-um6goTmB00N0oFvLelMie5o-pLTsBKkaioKKET8-_dwmxzQbKUIos9ZrZMcgO03FkfwHiC0gxNZvOnzvJAj-LhVzTJVZpWZn3w8mimciq8XsqSaFvk8rFlmDDwO62MGBjoRlGpWmk_-TqHgbhlrQk_Sd6na3eq2U89hjBGZnp6pNn89IsXZccqhO4WuYGauCyVVWxd3oulBrnJVUrgt4Bm-gFmasVx29oWKWswy2758rGXT6ARHjK-s_MJfHQExlol6m6u10Z5iq__NcmNCMS7v7zcCptMLMofDiiz5ZzVqdp0eipaFYp7RnH9gsgXYGtSDEp1sMkV-1bZR5yRyLXC6D0m2fyMLPm73CPP6txBO78-mK7sidGiUmJd_PN_ZjGIwx6MGCEPH_ljy4ent_wY5i2CzLp7rGnEMJD2Ail_qMoSZyMt9EHVhUSG5ITmO00upcFisyDsRLR2vWaWm2xLoFvoW4CzRJjSAZc2BI&cid=CAQSOwCsnQUx-Sk3EaMnT5wJPacetwmeeYzE9l2c7ehIsz-qnEWavsGewAnp0BIMVEVsZfDfuFg6GrloY6XqGAEgDg&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8474f69f03704ce449247a89aaad4d771ca89e5af0dbbaabfa7d5ba54471d2bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34712
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2682 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DIm606x8J35Gfy5fSxO0EZxMQVim0P1E3OTkPzySzawP6Fj0meeZMpNjns0jXRy3qX4KeOH2eMyfFYfX1tfwUBFzSmUlb57aVIZCkxEvH-HSLwgoA
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 2682 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 13:24:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12791
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Oct 2022 13:24:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 2682 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 03:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Oct 2022 03:07:35 GMT
l
www.google.com/ads/measurement/ Frame 2682 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvAxMxroXD7KwHIfIjlQX4fxl9ks43pQuMJlBLBMLAMA2xNGLnoM5y3xCV6Fy9xPWSOlIe7kQjMdWYBImDMO7U7Ah90g
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2682 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 16:57:39 GMT
rum
dsum-sec.casalemedia.com/ Frame B89C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLitHRCGn0cY2aGp1AEwAQ&v=APEucNVjM5yTfgZYDbFftHxipt1sgVQWz5n1UpBO4uUm5hiEYQrog5ItRjUpfohqeIgw_IL0Ijl4dZaIYLPOo_L0IVNJvm9mOtniNpzl1vaWOdjSLY7DS8SlLC4dFV8F8R4RIaFoAH-6_gCX_S5EhJLNOu2FF29kaTrPv7s_J8IILVWEQE8_y2E
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B89C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0mVA70QpDBDEc1OCq6wqgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLitHRCGn0cY2aGp1AEwAQ&v=APEucNVjM5yTfgZYDbFftHxipt1sgVQWz5n1UpBO4uUm5hiEYQrog5ItRjUpfohqeIgw_IL0Ijl4dZaIYLPOo_L0IVNJvm9mOtniNpzl1vaWOdjSLY7DS8SlLC4dFV8F8R4RIaFoAH-6_gCX_S5EhJLNOu2FF29kaTrPv7s_J8IILVWEQE8_y2E
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B89C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP9jyqXYe6u9TNbe3S7vS5E&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEP9jyqXYe6u9TNbe3S7vS5E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLitHRCGn0cY2aGp1AEwAQ&v=APEucNVjM5yTfgZYDbFftHxipt1sgVQWz5n1UpBO4uUm5hiEYQrog5ItRjUpfohqeIgw_IL0Ijl4dZaIYLPOo_L0IVNJvm9mOtniNpzl1vaWOdjSLY7DS8SlLC4dFV8F8R4RIaFoAH-6_gCX_S5EhJLNOu2FF29kaTrPv7s_J8IILVWEQE8_y2E
Protocol
HTTP/1.1
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:39 GMT
AN-X-Request-Uuid
36e2dc64-1985-4a29-a12d-18b0986e74ae
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
31.204.150.147; 31.204.150.147; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEP9jyqXYe6u9TNbe3S7vS5E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B89C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzk0NDQzMzI1NzIwNjMzMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzk0NDQzMzI1NzIwNjMzMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLitHRCGn0cY2aGp1AEwAQ&v=APEucNVjM5yTfgZYDbFftHxipt1sgVQWz5n1UpBO4uUm5hiEYQrog5ItRjUpfohqeIgw_IL0Ijl4dZaIYLPOo_L0IVNJvm9mOtniNpzl1vaWOdjSLY7DS8SlLC4dFV8F8R4RIaFoAH-6_gCX_S5EhJLNOu2FF29kaTrPv7s_J8IILVWEQE8_y2E
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:39 GMT
AN-X-Request-Uuid
aa2b0c79-2fe0-4125-85ba-9abbb1f70714
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzk0NDQzMzI1NzIwNjMzMg%3D%3D
Connection
keep-alive
X-Proxy-Origin
31.204.150.147; 31.204.150.147; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4B19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYoa-lwAEwAQ&v=APEucNWMWE1ExmDzJPJ71zrgdGnVo8bq5OL69NAV_SNc3t2Ms5OWWrGLNoFbBE3iLGw_Hf7lkkyVxizQPyPlf2oBnEunFYN6HSEsu29O2_CmV4Hluy_fgWktMGcirCUv2sgULHyH7pUUExGu1OOVJubPJ_4AsDHxeZXtNJ74SX1Dw1ZTMHDgtsg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4B19
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0mVA70QpDBDEc1OCq6wqgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYoa-lwAEwAQ&v=APEucNWMWE1ExmDzJPJ71zrgdGnVo8bq5OL69NAV_SNc3t2Ms5OWWrGLNoFbBE3iLGw_Hf7lkkyVxizQPyPlf2oBnEunFYN6HSEsu29O2_CmV4Hluy_fgWktMGcirCUv2sgULHyH7pUUExGu1OOVJubPJ_4AsDHxeZXtNJ74SX1Dw1ZTMHDgtsg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbjwZQz0SaMxDd6uLoW1yo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4B19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP9jyqXYe6u9TNbe3S7vS5E&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEP9jyqXYe6u9TNbe3S7vS5E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYoa-lwAEwAQ&v=APEucNWMWE1ExmDzJPJ71zrgdGnVo8bq5OL69NAV_SNc3t2Ms5OWWrGLNoFbBE3iLGw_Hf7lkkyVxizQPyPlf2oBnEunFYN6HSEsu29O2_CmV4Hluy_fgWktMGcirCUv2sgULHyH7pUUExGu1OOVJubPJ_4AsDHxeZXtNJ74SX1Dw1ZTMHDgtsg
Protocol
HTTP/1.1
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:39 GMT
AN-X-Request-Uuid
1c3a50e1-d291-4d8a-94a2-c846f04f6c5f
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
31.204.150.147; 31.204.150.147; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEP9jyqXYe6u9TNbe3S7vS5E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4B19
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgxODQ3Njk0NzI5MDIwNTc3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgxODQ3Njk0NzI5MDIwNTc3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYoa-lwAEwAQ&v=APEucNWMWE1ExmDzJPJ71zrgdGnVo8bq5OL69NAV_SNc3t2Ms5OWWrGLNoFbBE3iLGw_Hf7lkkyVxizQPyPlf2oBnEunFYN6HSEsu29O2_CmV4Hluy_fgWktMGcirCUv2sgULHyH7pUUExGu1OOVJubPJ_4AsDHxeZXtNJ74SX1Dw1ZTMHDgtsg
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:39 GMT
AN-X-Request-Uuid
acd00387-954c-478a-9be4-10477e1efa69
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgxODQ3Njk0NzI5MDIwNTc3
Connection
keep-alive
X-Proxy-Origin
31.204.150.147; 31.204.150.147; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A432 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
Origin
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 10:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23577
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Oct 2022 10:24:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame A432 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6MHzw-OkBqEgFO_JkOpJ26ZUSKjmiF_1qCfSUTvZnUR4G_Jeb39LNZ61QYAujB6Jkr_l7hYYmHEA7Ce--Bs37vtUy4g&cry=1&dbm_d=AKAmf-AkEgMc9ws_UgHnagnu1tM8beqfX5x8QyUVupPhYbkT2X9e1vXMOd5MZG0rez-dYoLna-rGHT0rOh8HN5RZ2ZWnVUYSQTV1oxpxdipEhNDcqqdOeYWpdzYlfPUCEd8_phgyctZglKz1nAQeqCAk9cgeTokSPok4F8_eARO9tzHuo2h6POdnE1iTQqh0PwQLdXmcQlOCCEJfXIfU-ldWvGayt44OfY9IZw0TK2jn9_kAY-NnFy5NSK3cZzyoIpcQHr1UOjtL50uuw5aiYbuJlrFe8ndUL77cUAVjqmHgdCPRMAvCg-v5uFpq2zjsIcX7PDV47RIUA3gLUTpcTz1asYfcYSGA2GfWxLlYhJf0rhyrzNUyZ3D8OUfIwtwnYXu8yWSaLYA9hOwDMt8EZfD3z5h65h_d2ziSvStZfzsjnwKpKo9utT2_sLgRgYa9L_U_C9gV9Ug86CqHDKhZXWIG-6nB-dEmzGh15GEC9KMu44J1LgBgaUHsj9Q6oHzHxlMn2a2Y-soiqZ3uDjLH8ldgYzq2sFbXg0pvzKKQ9lwTYpJkQKy47yDmgohv7TwZNL3I2SaG2G742xAj41l3yRXOnsthEa3bte6Hl-sBONPLoIi_ZeA9qm0XjN1Qfr35gT_d6HpsvFdbcVf2k9kRsXowQsZ7VMDG0Rc47jX53yKUO9z1Rq2zICJqmPZZn98ImSxS7FzSRzSeF7EnhpwqMFmmaTUJnFwgZw8-gfA1QJ4i_XHCHRHcs3b464wPHOWO-MLYPzPzNN7i0sm1Ajb98XAlvv7p7I6HDuI7ZLTDphrVB8hgd0x3CqdgJXkm3bZmRz7sZQCk9WSWNMGuEhc3OoyEDk0yCyDt1KwzUMdAzBAyzbxjiONhpYb3Za20fFJSDUL_LqcV4Xto0ET6mSqvARMd1cnllABB6O5b5DsAGDqa4dOrwfG9RqOBmmT6jDnOK7ycvj0kL3rBcnVohAkMPSvSp_Q7Pt-j_SNDtpmXmcf9a4HRzRM8isGllssDz6xYFTLN4lUynmt9uRu5jyKFsNZiULPs-Bo4AKF7xOtVvirQ5K6N8iFCXypRgM5zUY_l0mYJp5bYMUj15RJ9BaZsgGUlJwkrBmqOWlmW7NiuZWxRgIqpgq97jWA8K8VoRjvxBaHDVMeIkuIWbQCFSjAzT17w-waP_o9G9K5JUYqVyd2TnddFVzt9Ni9k_rASRVieTVH5Nfhat0WiHkTk4q3728-QtMytPkz_AweIQpVHHUOKryWazJabD2iNIet-GI2H1YfD0PbrWiCSuHFmHKQsR3liyZG6IKGlo--8Ho6DCZMs0mEp4fFJebco0PH90aDkMvCyySy-hqOkPl-lm_fMbtRZts4lGyv1eLDzA29UFNUypMd92dMqo1A8YAh4iQ8oCa0XSDK4Cz1uz2g_DTHRS0daOdaK7yB9S4NIMQ18E_7rOQz_u5BUwdz-l_-9xITr-opr60cHbyFiT6fx_KDSRZ-GPP7-weJVUkN6g1lS3Haga_8XBQZeKuiiavIo-60HG9U30EQMmwyhFSXzGuBPgN078R8ZzFGT8THcEug-AqPjRcmlYBbg5q6gOXU-D9fiyw1Yu3hMJ3PckLk6TwtgxC09QXEX54HkOYDX4LzdnqK3CEVzmbP0H2aHgr2hYHgPqjCHZpLspUm0_IlEvCFMCDpeqzX36UcQ2CE0nIQoL1c31CK30vwHAwZKunyXDDh2VvxtvqpLeuYKuc-6kHsEPLsJMccLZRAuXcoXoRF_usv_Skabo0nGXfE2XEbSE-ePUSesomhRX2fEzZF2NyaP-ngs_ECcRKsgMjftZtN2fBr96O_ap6A_K7glNkgU2R_ceNWoaUUju-CSyL2tq3UpmTckS93ACENgyfoJv9EdX7gnHvj_cZSDOwOuMakelx8AEUgb1dO25JclYQyZykyDCEimdV3rwlV3EDDwptZcoOxk12C909TdLVkh1nAi4XI3dtSbY2K8o_6AkJQfSxYx-kEcZsOIfhxWOIrnkExLC4cEFc0Z0El9-U5zyUlKuu-wrNMmyNPGmTqJhWffqcrBfrRGa-qIRL_HWlg0yYCeXr1xLG4RNqwIeR2_ByWC0ws7N8xtYHyuwzXATdsYXTYZqXt6BgZllD8Yteab3Pnjni7U69GDZaX9o9Uy5Lo4RyI0e4DnFPbzr4belQ_uNKBEzC6OMpm7iqXKWqjTYUtGvOi6AVSaajmtMaIDFpkhZbhV10--X2AswRyWawg3tlkHLJf8ch5-ksY24OSG3kyrn8R8YZkWNZIUErLy3Mh0TZxGC4UUrYFxMFBVfYCcrFHgCGS_3UaCFJxdYEpyUjaH_EA7daL_p6BQHcumiHTUxrxo-SYCKn9jS0iMvRLqxheLlnUcDhboJc7rnh2DS2mp-YG2OEk-kskutOaDldS8ydk8bc9wo-HkGfLuwgY_LjThWpQYZQo0_oHL6G4YlZsF9UNEEpQDyNhtQtMzPdmwgkPiKCfwc1wOJiBRZSOM2Qa4rpBqtF1kML30qgi2wTM6X0M5FzGE6zbEsxA1eX5MqtyTVLhSa2mjIqd5VlR2hAYODXWonvP6TVWEa6A7xPpLGFbDIw0hYvVn0JwIsXcey_YL2dVh0kR8VIe3ND0JPGcAV7P90pDrwSYEzRbfZWVUSBS--s4CkP1jey6A6LZq5B5O7_n6pTLfou9gOJexjnRYD_irJCsGLzmHz-9r48420HIJCcW9LPpZI8jgm_Yv9LJ93ejeXh3uZWX1gfPh1eUH2voar45oxyUMed3eJdh8IgNJyZ5hGqaW856mUi21a5u3ZSi4xeKpI_ZGCU-emO-ztJCWEwUCKDOcJ7vZp5LO-3faYCCF5NCDSjNOWJ38WFq4KOWLboqq0S4jPwvzf5GS2tuq0uFvTMWMmvtxyQV65yTI8FxVhCVrquave3Hp0q4Us2mK_jmox7WYQITLh0SV2p91xFDOrMjCHGl9yxE-XoOJQNiiaGfZKyibKxCJYKHvcA-jhxXIKOuI50p-S_liDXH-2bU0q_6qu5I6OKMTZOdwHHyVsfvii14GOxYU-3t9uZhraxAmP9DzfR_x-tki4AeBtFMml6H0Fn5o28ST_jYHMHpeMmypnaZyO_yg_h4KTz6mHwDO8eDqRG7izIkGQ8AyYl4mVsjq03Izj1-kscNAmyIzXG1D3-6GTMwIrXA7NHnBTJs1492k1jCvCUBQ_ZWpjDrvFbvTy5usYtgd-WgRuVjjQjuKEbKpUkCuHmZllKjGGAQjMV4dVUugGprsbyMuIPINvs8Jk7WKXZ4fplGJmo9PJfDElgM&cid=CAQSOwCsnQUx-Sk3EaMnT5wJPacetwmeeYzE9l2c7ehIsz-qnEWavsGewAnp0BIMVEVsZfDfuFg6GrloY6XqGAEgDg&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 18:52:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame A432 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6MHzw-OkBqEgFO_JkOpJ26ZUSKjmiF_1qCfSUTvZnUR4G_Jeb39LNZ61QYAujB6Jkr_l7hYYmHEA7Ce--Bs37vtUy4g&cry=1&dbm_d=AKAmf-AkEgMc9ws_UgHnagnu1tM8beqfX5x8QyUVupPhYbkT2X9e1vXMOd5MZG0rez-dYoLna-rGHT0rOh8HN5RZ2ZWnVUYSQTV1oxpxdipEhNDcqqdOeYWpdzYlfPUCEd8_phgyctZglKz1nAQeqCAk9cgeTokSPok4F8_eARO9tzHuo2h6POdnE1iTQqh0PwQLdXmcQlOCCEJfXIfU-ldWvGayt44OfY9IZw0TK2jn9_kAY-NnFy5NSK3cZzyoIpcQHr1UOjtL50uuw5aiYbuJlrFe8ndUL77cUAVjqmHgdCPRMAvCg-v5uFpq2zjsIcX7PDV47RIUA3gLUTpcTz1asYfcYSGA2GfWxLlYhJf0rhyrzNUyZ3D8OUfIwtwnYXu8yWSaLYA9hOwDMt8EZfD3z5h65h_d2ziSvStZfzsjnwKpKo9utT2_sLgRgYa9L_U_C9gV9Ug86CqHDKhZXWIG-6nB-dEmzGh15GEC9KMu44J1LgBgaUHsj9Q6oHzHxlMn2a2Y-soiqZ3uDjLH8ldgYzq2sFbXg0pvzKKQ9lwTYpJkQKy47yDmgohv7TwZNL3I2SaG2G742xAj41l3yRXOnsthEa3bte6Hl-sBONPLoIi_ZeA9qm0XjN1Qfr35gT_d6HpsvFdbcVf2k9kRsXowQsZ7VMDG0Rc47jX53yKUO9z1Rq2zICJqmPZZn98ImSxS7FzSRzSeF7EnhpwqMFmmaTUJnFwgZw8-gfA1QJ4i_XHCHRHcs3b464wPHOWO-MLYPzPzNN7i0sm1Ajb98XAlvv7p7I6HDuI7ZLTDphrVB8hgd0x3CqdgJXkm3bZmRz7sZQCk9WSWNMGuEhc3OoyEDk0yCyDt1KwzUMdAzBAyzbxjiONhpYb3Za20fFJSDUL_LqcV4Xto0ET6mSqvARMd1cnllABB6O5b5DsAGDqa4dOrwfG9RqOBmmT6jDnOK7ycvj0kL3rBcnVohAkMPSvSp_Q7Pt-j_SNDtpmXmcf9a4HRzRM8isGllssDz6xYFTLN4lUynmt9uRu5jyKFsNZiULPs-Bo4AKF7xOtVvirQ5K6N8iFCXypRgM5zUY_l0mYJp5bYMUj15RJ9BaZsgGUlJwkrBmqOWlmW7NiuZWxRgIqpgq97jWA8K8VoRjvxBaHDVMeIkuIWbQCFSjAzT17w-waP_o9G9K5JUYqVyd2TnddFVzt9Ni9k_rASRVieTVH5Nfhat0WiHkTk4q3728-QtMytPkz_AweIQpVHHUOKryWazJabD2iNIet-GI2H1YfD0PbrWiCSuHFmHKQsR3liyZG6IKGlo--8Ho6DCZMs0mEp4fFJebco0PH90aDkMvCyySy-hqOkPl-lm_fMbtRZts4lGyv1eLDzA29UFNUypMd92dMqo1A8YAh4iQ8oCa0XSDK4Cz1uz2g_DTHRS0daOdaK7yB9S4NIMQ18E_7rOQz_u5BUwdz-l_-9xITr-opr60cHbyFiT6fx_KDSRZ-GPP7-weJVUkN6g1lS3Haga_8XBQZeKuiiavIo-60HG9U30EQMmwyhFSXzGuBPgN078R8ZzFGT8THcEug-AqPjRcmlYBbg5q6gOXU-D9fiyw1Yu3hMJ3PckLk6TwtgxC09QXEX54HkOYDX4LzdnqK3CEVzmbP0H2aHgr2hYHgPqjCHZpLspUm0_IlEvCFMCDpeqzX36UcQ2CE0nIQoL1c31CK30vwHAwZKunyXDDh2VvxtvqpLeuYKuc-6kHsEPLsJMccLZRAuXcoXoRF_usv_Skabo0nGXfE2XEbSE-ePUSesomhRX2fEzZF2NyaP-ngs_ECcRKsgMjftZtN2fBr96O_ap6A_K7glNkgU2R_ceNWoaUUju-CSyL2tq3UpmTckS93ACENgyfoJv9EdX7gnHvj_cZSDOwOuMakelx8AEUgb1dO25JclYQyZykyDCEimdV3rwlV3EDDwptZcoOxk12C909TdLVkh1nAi4XI3dtSbY2K8o_6AkJQfSxYx-kEcZsOIfhxWOIrnkExLC4cEFc0Z0El9-U5zyUlKuu-wrNMmyNPGmTqJhWffqcrBfrRGa-qIRL_HWlg0yYCeXr1xLG4RNqwIeR2_ByWC0ws7N8xtYHyuwzXATdsYXTYZqXt6BgZllD8Yteab3Pnjni7U69GDZaX9o9Uy5Lo4RyI0e4DnFPbzr4belQ_uNKBEzC6OMpm7iqXKWqjTYUtGvOi6AVSaajmtMaIDFpkhZbhV10--X2AswRyWawg3tlkHLJf8ch5-ksY24OSG3kyrn8R8YZkWNZIUErLy3Mh0TZxGC4UUrYFxMFBVfYCcrFHgCGS_3UaCFJxdYEpyUjaH_EA7daL_p6BQHcumiHTUxrxo-SYCKn9jS0iMvRLqxheLlnUcDhboJc7rnh2DS2mp-YG2OEk-kskutOaDldS8ydk8bc9wo-HkGfLuwgY_LjThWpQYZQo0_oHL6G4YlZsF9UNEEpQDyNhtQtMzPdmwgkPiKCfwc1wOJiBRZSOM2Qa4rpBqtF1kML30qgi2wTM6X0M5FzGE6zbEsxA1eX5MqtyTVLhSa2mjIqd5VlR2hAYODXWonvP6TVWEa6A7xPpLGFbDIw0hYvVn0JwIsXcey_YL2dVh0kR8VIe3ND0JPGcAV7P90pDrwSYEzRbfZWVUSBS--s4CkP1jey6A6LZq5B5O7_n6pTLfou9gOJexjnRYD_irJCsGLzmHz-9r48420HIJCcW9LPpZI8jgm_Yv9LJ93ejeXh3uZWX1gfPh1eUH2voar45oxyUMed3eJdh8IgNJyZ5hGqaW856mUi21a5u3ZSi4xeKpI_ZGCU-emO-ztJCWEwUCKDOcJ7vZp5LO-3faYCCF5NCDSjNOWJ38WFq4KOWLboqq0S4jPwvzf5GS2tuq0uFvTMWMmvtxyQV65yTI8FxVhCVrquave3Hp0q4Us2mK_jmox7WYQITLh0SV2p91xFDOrMjCHGl9yxE-XoOJQNiiaGfZKyibKxCJYKHvcA-jhxXIKOuI50p-S_liDXH-2bU0q_6qu5I6OKMTZOdwHHyVsfvii14GOxYU-3t9uZhraxAmP9DzfR_x-tki4AeBtFMml6H0Fn5o28ST_jYHMHpeMmypnaZyO_yg_h4KTz6mHwDO8eDqRG7izIkGQ8AyYl4mVsjq03Izj1-kscNAmyIzXG1D3-6GTMwIrXA7NHnBTJs1492k1jCvCUBQ_ZWpjDrvFbvTy5usYtgd-WgRuVjjQjuKEbKpUkCuHmZllKjGGAQjMV4dVUugGprsbyMuIPINvs8Jk7WKXZ4fplGJmo9PJfDElgM&cid=CAQSOwCsnQUx-Sk3EaMnT5wJPacetwmeeYzE9l2c7ehIsz-qnEWavsGewAnp0BIMVEVsZfDfuFg6GrloY6XqGAEgDg&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11730
x-xss-protection
0
server
cafe
etag
9319256901541695429
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 18:52:53 GMT
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2682 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
Origin
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 03:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49067
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Oct 2022 03:19:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 2682 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B15LDQLd2xH3RQWfA0ZqWkfaJZO1TTrxg3F-eVWbaGB-oqipAysjLIZGomGaZ547xcd_spJYRB_OJs4w1CL6wZ_qN2ju1cMrw1EOTonadBKX00ZcI80f2l5xxVGRCp-Jx3op3OVLytZ1LQNdlz7hMTJI3kmZW444tPkg881wa1oiKqAVA&cry=1&dbm_d=AKAmf-CuYqUyfm_NvtK7h_JCz24dUheSRLsLCwdgfE7o6ZJlU6Ugg2D9I-d8VSuyNAjtdttaUeQhtVp8uebT9MlWWKLy9fcA8crAZW_kQx6g_U6uIJtJr__X1GBMEsXO3-pD3uY3yay-cS4G__q22LYxwTFe-7NF1iKTFK5E8kl91Amh1BFN-j895r-XU3ecwqOgmKJ9EvQ3v9DubIXukw2JwFSv2KJGpazvtClWsimqpWwFgJbMRzHjhBFK5Y_exSGe7yo5-dQDTN6luYKwchh2AlEvaS3tn-DiW8f2zI44SP_RswUh_fYgbxv9NjWrSAO1EMHnhGMzqzASaOnG46mYjlkfrgXgUrjQHyrZme-z8qjYOZVlIfbBAS80yVGcWJ6YpNtSiSrp5xHirAEpr6WFucB7DM76nYxgif8X3avenKiWF5zs8eHdHanh6o4S7zujFCl0eRtitTrEqjGCO6Q1FI_NvwvT36Lwz-XVCNTpIv_7CrSt7rPF6WCaQlMs07MUTjI8ZA8jvm6sG0GKOtwisiQr9qVdr7iiUJky8fQ-tk3y5dI3UcTBFEb8aOGiHwIjjzsbLSrVusr-kBNrjCux6ndbSb1gnfu1IWEDfbaJZVtMK5bR6-0II4_sGHwDircq621CajLN1kyomiSMmhhj5M4WFzUQGNzxbAcDkVyZmsxQk7PF_xfe5pEAQuJuLAooU_h1cQjtw3UHTI8t707B8Nbxli8a30AkH5EQ214dyZyVdjlANjUjGn1srqCGnK0LEav0bRyXetIepwa6VJiw2KH340mUXhWQhgXQNbH81zabacjGLbbG0P6DWqWVGbid0cfLJPfWkW_YUHKRQEpK-wuWodARLnA1Ucp8pqQxXQI4jLg8NpRyAlKMT20HS3KM6s16CM070T0zlmvBYomF4joX6dvNTIyFmz9jlmzSfQOKwxW-fuiduxW4h_UmQXfS37GQSt2Bjt5HoMW5qzkNwafLDLd3pPLt6GCs6X7FUxM16RiHOFxYyu4BLzvrMHhsnflSgVwqYVScG9wb03Byqvi9TVboneXaM61mJ2WPx3ZozBoB0ca1EQPeb7_sERZ5aY3KSyVhHzwnrYbTQyTE3sEIj0YLW0GoZZDy0iHFO1nkGyBxHWBiaLERk_e_1xnJcUCNGcW5vLtnaWraPKhMYVAC4E58wCcb3wufjrrI08LRaJGUda90NeaHxBK9yeaVPu7lhnC6xIQgbzAD-RukmVuSkJt67Ed7jIFgfWYfdovdNdJ97tlguWsHuJd5D2DH5oi07R53XIBJjcsvxoMVrc0v4GKEZPwqgNLl59EFx5Qq7u18zqynApDXLsPTIgrYmkXwGPYwCw3gKz2_UkkuwPphcjoVxGpK84XQUa3dlX--StzVnhJOj7u66neAZLDmN3ivVX_eh-X9ZunWKAyQFgPf6lxjBVU4Uf2tKTdXx0acadniig3kwABqL-sipF0TMkcbNRyALnDKkx9tCQE_d4Scxj7tShC2jElTNofopWoAFafRwgFHEzk07oZMJGa9_vjy-qX7JKUBiBruv7gSUxa8QPp4RJFYtQtTvjd50_86ZVBdmzkiy2CepLe7b7KnkB5mt0rRro9-wd0Ia1ppytvmixONZHAW-qBDTBto5ra59mXZgSWp1ydH8ENISiY0PjrmtVc2u6kluOSEYDMLCNONU_2xcDD3iLyNJbxqyZoYGSUJhMC89MfpEXwO86d5R5ar7DfdGMKgkkQDhIN6d3gO6bquwLd5zX62chKjKYHtv1YnrJfnrmQTorV4C1aa14FsuuUuMJNECqEUcdZH42V8uNGBAUrQarASQ4mSnRi0GI3qUQm33OfYptf-7znIfQ8M1g5ybMu5NFrlr9CYUmtlcOdETD7_AraGDbtHC0fUNtNgkRnC3dtIaEIBWXwh0qX5hf2qZiGso311iuUgiVZd3G4M39F6u3FOFhOrHErMpRnWprKmUqTQR9rOZAhiKzIauoG9ueaiETk1pyafV2WksB02sE2dnCZSway1i3j8bR5w_p9ZHdEit-RkvwVDKljJRhkTtVbrEMHIgpXUBqWIAh1ixgtLPo7cNMYvY20adSoJccQHPUaF9wU8wz7kdiH1xS4eRzxMcznu9RuagQmeejslp0POzxM1pJVB3WS20k3is-uy2H6YH5tTCVH4sGUZsiFgp082kPONINmOz6CALAQ8Mpqf7uK6WqFc_z3w69L0TAdl5QNPZ78QeaVp1OuHcz8D2-ZCvrgo_72k_VqoHwRPHw4yWDm1sGRA9B-I2W3DvCnNd_qlx6Vz3VnKbnEXwU75E4rYEmyV9rjFLRlOF5B4-Mfqo3U4kmMxUgIPSV06qsdmX-pvpzi2S5q7FGv5njLed7nBM0BBNrXi_ZXghjZy7i7T5KgSoJHFjiJJiXdOeVuFZsSUe9GTrUXQEQli9syBX90BoDIJyz0Ma4FqFcp32VQSQTUb5kDJlR-vxVpxxBxtNyyBIjPfgHuC_TpLK-ZJENp096g7WoUtoKWFnHqYWx5cQcmi-RWkSWx9N9KfVhvj3CwB0idrFZ9JfxFbAYj9aVPsY-I0-u-IDrxN5eGWq1wODBsUYmN8owE4pnWWOy0g9MDPvWCUGSikxWzKfhu86k47UY-qJ88B34aqYsN6h9wtDRluo2R6PK4lTf4DNwf5z_gCOQK8o_B3tZ0JO-KJ5T_d0i7MtjfcGC6s6Z9-2VEWXXiGCtQ3NLKuPND-5P6uVtwcRYOCvuD1xuwLWcy8BQYtygj4OQkqnbKbNMkRLvXbBC4ZVVg5_IxUWn_sp0QhqtXCL-Wn539pQOMz2mRY9u5kD35E24oEAMD9kcyMR9qPm-Nrk_JWLDsZKMdE-BToTcu-lN-73yz06JfW3jtIASvWnAnGcEza13TXge5mLSuWnj_2mnTgdO-PJum18hikPMRXxP1Hr9RBW6GuE2CKXhWTTb1m-q1D9ofLfZ0QdtQopVOkI-iXaOjg6hCWJtAXj9Yg8DqDzspEwzPRREGAZW4HOun1XY1sK9-LLhXJ29VAIfovCTWeP_Bvz_gLK-UayJtKaj8y8uS11T7ffo0hYdNIgiGPTAnHS2xGgJ_9a3pQMHZruunJJn5i7BzQ0vvgZoAwWkZh5XEoLpLE9HjInl-kZI9TnJoFrgPphXnCvvsR2uVq80fhyIEYCqOa3mxm0v0JYqEiFRM6H-mP8cZWlcGvVVTueIz9vkoZ1vYELR9eC3XNK1iR0JctRhll8vPviJdcvaWcdVAv9rrh4zM_PhQ4M7LGDC87UG6dCpCz1HZHZ3EVGrQkyi-gDNKZu9-Ga1JhyP9UKddoCCA72jip5t4f8FBoGbSKTumvQt4K-Inm4aNMRkC4lfdtq5Fe5gja6iUPTfSW8opSfjDo089Iwg_b0u-tLTsx6CgxR3YD3roOurRIbMHOf9DGtXpdIAf1QnZqvYgaZXvJt5EWS6vDjCuRWpaTuiB4zrunEB85rP8UPYiEzO7TNSS3Rr93XekmxmsqqczuONkzKxSCivp_Blp8Jgh0NKrzZ3qu8vvRT1QHwuRA0_jmN9-cLRUxkIG0pz-urWm_OodXmsad0lvV_WmLigOPbwAFEOlNpsgFiUxO-D7h3KCMiC8AeGW7EGbUJ5vVnPgqf6IWqmnnRc32LCIGueruQI9Msv1qwlIDeZEljXim-cogMfw_tmAW4bZHRODuPRrxqaihUG4lI3M8PC-um6goTmB00N0oFvLelMie5o-pLTsBKkaioKKET8-_dwmxzQbKUIos9ZrZMcgO03FkfwHiC0gxNZvOnzvJAj-LhVzTJVZpWZn3w8mimciq8XsqSaFvk8rFlmDDwO62MGBjoRlGpWmk_-TqHgbhlrQk_Sd6na3eq2U89hjBGZnp6pNn89IsXZccqhO4WuYGauCyVVWxd3oulBrnJVUrgt4Bm-gFmasVx29oWKWswy2758rGXT6ARHjK-s_MJfHQExlol6m6u10Z5iq__NcmNCMS7v7zcCptMLMofDiiz5ZzVqdp0eipaFYp7RnH9gsgXYGtSDEp1sMkV-1bZR5yRyLXC6D0m2fyMLPm73CPP6txBO78-mK7sidGiUmJd_PN_ZjGIwx6MGCEPH_ljy4ent_wY5i2CzLp7rGnEMJD2Ail_qMoSZyMt9EHVhUSG5ITmO00upcFisyDsRLR2vWaWm2xLoFvoW4CzRJjSAZc2BI&cid=CAQSOwCsnQUx-Sk3EaMnT5wJPacetwmeeYzE9l2c7ehIsz-qnEWavsGewAnp0BIMVEVsZfDfuFg6GrloY6XqGAEgDg&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 18:52:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 2682 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B15LDQLd2xH3RQWfA0ZqWkfaJZO1TTrxg3F-eVWbaGB-oqipAysjLIZGomGaZ547xcd_spJYRB_OJs4w1CL6wZ_qN2ju1cMrw1EOTonadBKX00ZcI80f2l5xxVGRCp-Jx3op3OVLytZ1LQNdlz7hMTJI3kmZW444tPkg881wa1oiKqAVA&cry=1&dbm_d=AKAmf-CuYqUyfm_NvtK7h_JCz24dUheSRLsLCwdgfE7o6ZJlU6Ugg2D9I-d8VSuyNAjtdttaUeQhtVp8uebT9MlWWKLy9fcA8crAZW_kQx6g_U6uIJtJr__X1GBMEsXO3-pD3uY3yay-cS4G__q22LYxwTFe-7NF1iKTFK5E8kl91Amh1BFN-j895r-XU3ecwqOgmKJ9EvQ3v9DubIXukw2JwFSv2KJGpazvtClWsimqpWwFgJbMRzHjhBFK5Y_exSGe7yo5-dQDTN6luYKwchh2AlEvaS3tn-DiW8f2zI44SP_RswUh_fYgbxv9NjWrSAO1EMHnhGMzqzASaOnG46mYjlkfrgXgUrjQHyrZme-z8qjYOZVlIfbBAS80yVGcWJ6YpNtSiSrp5xHirAEpr6WFucB7DM76nYxgif8X3avenKiWF5zs8eHdHanh6o4S7zujFCl0eRtitTrEqjGCO6Q1FI_NvwvT36Lwz-XVCNTpIv_7CrSt7rPF6WCaQlMs07MUTjI8ZA8jvm6sG0GKOtwisiQr9qVdr7iiUJky8fQ-tk3y5dI3UcTBFEb8aOGiHwIjjzsbLSrVusr-kBNrjCux6ndbSb1gnfu1IWEDfbaJZVtMK5bR6-0II4_sGHwDircq621CajLN1kyomiSMmhhj5M4WFzUQGNzxbAcDkVyZmsxQk7PF_xfe5pEAQuJuLAooU_h1cQjtw3UHTI8t707B8Nbxli8a30AkH5EQ214dyZyVdjlANjUjGn1srqCGnK0LEav0bRyXetIepwa6VJiw2KH340mUXhWQhgXQNbH81zabacjGLbbG0P6DWqWVGbid0cfLJPfWkW_YUHKRQEpK-wuWodARLnA1Ucp8pqQxXQI4jLg8NpRyAlKMT20HS3KM6s16CM070T0zlmvBYomF4joX6dvNTIyFmz9jlmzSfQOKwxW-fuiduxW4h_UmQXfS37GQSt2Bjt5HoMW5qzkNwafLDLd3pPLt6GCs6X7FUxM16RiHOFxYyu4BLzvrMHhsnflSgVwqYVScG9wb03Byqvi9TVboneXaM61mJ2WPx3ZozBoB0ca1EQPeb7_sERZ5aY3KSyVhHzwnrYbTQyTE3sEIj0YLW0GoZZDy0iHFO1nkGyBxHWBiaLERk_e_1xnJcUCNGcW5vLtnaWraPKhMYVAC4E58wCcb3wufjrrI08LRaJGUda90NeaHxBK9yeaVPu7lhnC6xIQgbzAD-RukmVuSkJt67Ed7jIFgfWYfdovdNdJ97tlguWsHuJd5D2DH5oi07R53XIBJjcsvxoMVrc0v4GKEZPwqgNLl59EFx5Qq7u18zqynApDXLsPTIgrYmkXwGPYwCw3gKz2_UkkuwPphcjoVxGpK84XQUa3dlX--StzVnhJOj7u66neAZLDmN3ivVX_eh-X9ZunWKAyQFgPf6lxjBVU4Uf2tKTdXx0acadniig3kwABqL-sipF0TMkcbNRyALnDKkx9tCQE_d4Scxj7tShC2jElTNofopWoAFafRwgFHEzk07oZMJGa9_vjy-qX7JKUBiBruv7gSUxa8QPp4RJFYtQtTvjd50_86ZVBdmzkiy2CepLe7b7KnkB5mt0rRro9-wd0Ia1ppytvmixONZHAW-qBDTBto5ra59mXZgSWp1ydH8ENISiY0PjrmtVc2u6kluOSEYDMLCNONU_2xcDD3iLyNJbxqyZoYGSUJhMC89MfpEXwO86d5R5ar7DfdGMKgkkQDhIN6d3gO6bquwLd5zX62chKjKYHtv1YnrJfnrmQTorV4C1aa14FsuuUuMJNECqEUcdZH42V8uNGBAUrQarASQ4mSnRi0GI3qUQm33OfYptf-7znIfQ8M1g5ybMu5NFrlr9CYUmtlcOdETD7_AraGDbtHC0fUNtNgkRnC3dtIaEIBWXwh0qX5hf2qZiGso311iuUgiVZd3G4M39F6u3FOFhOrHErMpRnWprKmUqTQR9rOZAhiKzIauoG9ueaiETk1pyafV2WksB02sE2dnCZSway1i3j8bR5w_p9ZHdEit-RkvwVDKljJRhkTtVbrEMHIgpXUBqWIAh1ixgtLPo7cNMYvY20adSoJccQHPUaF9wU8wz7kdiH1xS4eRzxMcznu9RuagQmeejslp0POzxM1pJVB3WS20k3is-uy2H6YH5tTCVH4sGUZsiFgp082kPONINmOz6CALAQ8Mpqf7uK6WqFc_z3w69L0TAdl5QNPZ78QeaVp1OuHcz8D2-ZCvrgo_72k_VqoHwRPHw4yWDm1sGRA9B-I2W3DvCnNd_qlx6Vz3VnKbnEXwU75E4rYEmyV9rjFLRlOF5B4-Mfqo3U4kmMxUgIPSV06qsdmX-pvpzi2S5q7FGv5njLed7nBM0BBNrXi_ZXghjZy7i7T5KgSoJHFjiJJiXdOeVuFZsSUe9GTrUXQEQli9syBX90BoDIJyz0Ma4FqFcp32VQSQTUb5kDJlR-vxVpxxBxtNyyBIjPfgHuC_TpLK-ZJENp096g7WoUtoKWFnHqYWx5cQcmi-RWkSWx9N9KfVhvj3CwB0idrFZ9JfxFbAYj9aVPsY-I0-u-IDrxN5eGWq1wODBsUYmN8owE4pnWWOy0g9MDPvWCUGSikxWzKfhu86k47UY-qJ88B34aqYsN6h9wtDRluo2R6PK4lTf4DNwf5z_gCOQK8o_B3tZ0JO-KJ5T_d0i7MtjfcGC6s6Z9-2VEWXXiGCtQ3NLKuPND-5P6uVtwcRYOCvuD1xuwLWcy8BQYtygj4OQkqnbKbNMkRLvXbBC4ZVVg5_IxUWn_sp0QhqtXCL-Wn539pQOMz2mRY9u5kD35E24oEAMD9kcyMR9qPm-Nrk_JWLDsZKMdE-BToTcu-lN-73yz06JfW3jtIASvWnAnGcEza13TXge5mLSuWnj_2mnTgdO-PJum18hikPMRXxP1Hr9RBW6GuE2CKXhWTTb1m-q1D9ofLfZ0QdtQopVOkI-iXaOjg6hCWJtAXj9Yg8DqDzspEwzPRREGAZW4HOun1XY1sK9-LLhXJ29VAIfovCTWeP_Bvz_gLK-UayJtKaj8y8uS11T7ffo0hYdNIgiGPTAnHS2xGgJ_9a3pQMHZruunJJn5i7BzQ0vvgZoAwWkZh5XEoLpLE9HjInl-kZI9TnJoFrgPphXnCvvsR2uVq80fhyIEYCqOa3mxm0v0JYqEiFRM6H-mP8cZWlcGvVVTueIz9vkoZ1vYELR9eC3XNK1iR0JctRhll8vPviJdcvaWcdVAv9rrh4zM_PhQ4M7LGDC87UG6dCpCz1HZHZ3EVGrQkyi-gDNKZu9-Ga1JhyP9UKddoCCA72jip5t4f8FBoGbSKTumvQt4K-Inm4aNMRkC4lfdtq5Fe5gja6iUPTfSW8opSfjDo089Iwg_b0u-tLTsx6CgxR3YD3roOurRIbMHOf9DGtXpdIAf1QnZqvYgaZXvJt5EWS6vDjCuRWpaTuiB4zrunEB85rP8UPYiEzO7TNSS3Rr93XekmxmsqqczuONkzKxSCivp_Blp8Jgh0NKrzZ3qu8vvRT1QHwuRA0_jmN9-cLRUxkIG0pz-urWm_OodXmsad0lvV_WmLigOPbwAFEOlNpsgFiUxO-D7h3KCMiC8AeGW7EGbUJ5vVnPgqf6IWqmnnRc32LCIGueruQI9Msv1qwlIDeZEljXim-cogMfw_tmAW4bZHRODuPRrxqaihUG4lI3M8PC-um6goTmB00N0oFvLelMie5o-pLTsBKkaioKKET8-_dwmxzQbKUIos9ZrZMcgO03FkfwHiC0gxNZvOnzvJAj-LhVzTJVZpWZn3w8mimciq8XsqSaFvk8rFlmDDwO62MGBjoRlGpWmk_-TqHgbhlrQk_Sd6na3eq2U89hjBGZnp6pNn89IsXZccqhO4WuYGauCyVVWxd3oulBrnJVUrgt4Bm-gFmasVx29oWKWswy2758rGXT6ARHjK-s_MJfHQExlol6m6u10Z5iq__NcmNCMS7v7zcCptMLMofDiiz5ZzVqdp0eipaFYp7RnH9gsgXYGtSDEp1sMkV-1bZR5yRyLXC6D0m2fyMLPm73CPP6txBO78-mK7sidGiUmJd_PN_ZjGIwx6MGCEPH_ljy4ent_wY5i2CzLp7rGnEMJD2Ail_qMoSZyMt9EHVhUSG5ITmO00upcFisyDsRLR2vWaWm2xLoFvoW4CzRJjSAZc2BI&cid=CAQSOwCsnQUx-Sk3EaMnT5wJPacetwmeeYzE9l2c7ehIsz-qnEWavsGewAnp0BIMVEVsZfDfuFg6GrloY6XqGAEgDg&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11730
x-xss-protection
0
server
cafe
etag
9319256901541695429
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 18:52:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A432 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 18:35:56 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6D39 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
84749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 17:25:10 GMT
etag
48472445140208031
expires
Fri, 14 Oct 2022 17:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A432 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
249d35ebda91a9c5cd310af1816cc46e9806dd646cb541345897fff86ad4f99a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2682 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 18:35:56 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6277 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
84749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 17:25:10 GMT
etag
48472445140208031
expires
Fri, 14 Oct 2022 17:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2682 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b3e8f6b2a1917f9e6bce54e47051dc88b3270f97710f15a657df2d496a3d144

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
multitracking
ghb.adtelligent.com/adunit/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19279/hbw_master_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://ntn.ua
Date
Fri, 14 Oct 2022 16:57:38 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
dpixel
cms.quantserve.com/ Frame 6D39 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECU5_z-mTFH-A-1MGPjEpvo&google_cver=1&google_push=AZmPxg95GtyRogA65FukIDCSFjybp-UMSzduz-x00Ry7ylRQV_5eIC6g2CXpiNdrj9Hvo4g8M5CI7r5gYY8FQAbLMYzLQSmUZEwH
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D39
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMM8X_au0adVeahfM0AT7zo&google_cver=1&google_push=AZmPxg_ianK3iDQYbPL_5ZHwm583oOvj7rBANNbcNd9PLFQ24VhNi95fQjySVH-PforYmV4tpgRZZQs78vM8QX...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDQxMzMyMzE4MjAxMjU3MA%3D%3D&google_push=AZmPxg_ianK3iDQYbPL_5ZHwm583oOvj7rBANNbcNd9PLFQ24VhNi95fQjySVH-PforYmV4tpgRZZQs78vM8QXK_3i...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDQxMzMyMzE4MjAxMjU3MA%3D%3D&google_push=AZmPxg_ianK3iDQYbPL_5ZHwm583oOvj7rBANNbcNd9PLFQ24VhNi95fQjySVH-PforYmV4tpgRZZQs78vM8QXK_3io4S_az-3E1
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDQxMzMyMzE4MjAxMjU3MA%3D%3D&google_push=AZmPxg_ianK3iDQYbPL_5ZHwm583oOvj7rBANNbcNd9PLFQ24VhNi95fQjySVH-PforYmV4tpgRZZQs78vM8QXK_3io4S_az-3E1
Date
Fri, 14 Oct 2022 16:57:39 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 6D39
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECpAU5lwotEOfJNOkrSL5RY&google_cver=1&google_push=AZmPxg9zfJkOxw83FbsGciFFHR8JNxLctzBBPYk2vs2yK9skLqtuPrhQvMRMiC6uCRxWcNoJV0sQinqe7vAVybP830l1MuT...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECpAU5lwotEOfJNOkrSL5RY&google_cver=1&google_push=AZmPxg9zfJkOxw83FbsGciFFHR8JNxLctzBBPYk2vs2yK9skLqtuPrhQvMRMiC6uCRxWcNoJV0sQinqe7vAVybP830l1M...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9zfJkOxw83FbsGciFFHR8JNxLctzBBPYk2vs2yK9skLqtuPrhQvMRMiC6uCRxWcNoJV0sQinqe7vAVybP830l1MuTzyVR3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9zfJkOxw83FbsGciFFHR8JNxLctzBBPYk2vs2yK9skLqtuPrhQvMRMiC6uCRxWcNoJV0sQinqe7vAVybP830l1MuTzyVR3
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9zfJkOxw83FbsGciFFHR8JNxLctzBBPYk2vs2yK9skLqtuPrhQvMRMiC6uCRxWcNoJV0sQinqe7vAVybP830l1MuTzyVR3
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 6D39
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEO_FR2v4BTJqE1t3LW5EkXY&google_cver=1&google_push=AZmPxg-VDDZpQqEkLq5QoLnVwB-FYcK1vd9E3clW1X9nxV1fZTkmeuZv2h4_YBIIAxSGp7paVmbHZeq6wSrsCSf-vZnxrZ...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO_FR2v4BTJqE1t3LW5EkXY&google_cver=1&google_push=AZmPxg-VDDZpQqEkLq5QoLnVwB-FYcK1vd9E3clW1X9nxV1fZTkmeuZv2h4_YBIIAxSGp7paVmbHZeq6wSrsCSf-...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=F5AzswoXR9itB7TBw8ITFA&google_push=AZmPxg-VDDZpQqEkLq5QoLnVwB-FYcK1vd9E3clW1X9nxV1fZTkmeuZv2h4_YBIIAxSGp7paVmbHZeq6wSrsCSf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=F5AzswoXR9itB7TBw8ITFA&google_push=AZmPxg-VDDZpQqEkLq5QoLnVwB-FYcK1vd9E3clW1X9nxV1fZTkmeuZv2h4_YBIIAxSGp7paVmbHZeq6wSrsCSf-vZnxrZ4ISJk
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=F5AzswoXR9itB7TBw8ITFA&google_push=AZmPxg-VDDZpQqEkLq5QoLnVwB-FYcK1vd9E3clW1X9nxV1fZTkmeuZv2h4_YBIIAxSGp7paVmbHZeq6wSrsCSf-vZnxrZ4ISJk
access-control-allow-origin
*
date
Fri, 14 Oct 2022 16:57:39 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 6D39
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_0EOP6iJPge_gz1eFu6WAAqh-gBsF9xY7g-t_5_ypEvHThrp0RwfS0OKQLMsx9nHCQd_gfN__0X6xsrJVrSBexPJSrWDbB&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-9383c857-7f26-445f-a1e1-7af445270f09-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_0EOP6iJPge_gz1eFu6...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_0EOP6iJPge_gz1eFu6WAAqh-gBsF9xY7g-t_5_ypEvHThrp0RwfS0OKQLMsx9nHCQd_gfN__0X6xsrJVrSBexPJSrWDbB&google_hm=A5ODyFd_JkRfoeF69EUnDwk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_0EOP6iJPge_gz1eFu6WAAqh-gBsF9xY7g-t_5_ypEvHThrp0RwfS0OKQLMsx9nHCQd_gfN__0X6xsrJVrSBexPJSrWDbB&google_hm=A5ODyFd_JkRfoeF69EUnDwk
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_0EOP6iJPge_gz1eFu6WAAqh-gBsF9xY7g-t_5_ypEvHThrp0RwfS0OKQLMsx9nHCQd_gfN__0X6xsrJVrSBexPJSrWDbB&google_hm=A5ODyFd_JkRfoeF69EUnDwk
date
Fri, 14 Oct 2022 16:57:39 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9383c8577f26445fa1e17af445270f09003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 6D39
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFWlTsg7_T4vdUf8PQkTsNA&google_cver=1&google_push=AZmPxg_MsUr4-dJVFW3vyO52gmb5710Mcu9sYk2HzpHKRcwuP01XFEpp8cBTRJl09-8ysEQyjO...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFWlTsg7_T4vdUf8PQkTsNA&google_cver=1&google_push=AZmPxg_MsUr4-dJVFW3vyO52gmb5710Mcu9sYk2HzpHKRcwuP01XFEpp8cBTRJl09-8ysEQyjO...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZTVkbjNoRTJ1RjRCc29qNlRYRFVMdFVKeWlCQ0NXMX5B&google_push=AZmPxg_MsUr4-dJVFW3vyO52gmb5710Mcu9sYk2HzpHKRcwuP01XFEpp8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZTVkbjNoRTJ1RjRCc29qNlRYRFVMdFVKeWlCQ0NXMX5B&google_push=AZmPxg_MsUr4-dJVFW3vyO52gmb5710Mcu9sYk2HzpHKRcwuP01XFEpp8cBTRJl09-8ysEQyjOZCrYdjgmO0hhSYA-SQtI60a_EZlQ
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZTVkbjNoRTJ1RjRCc29qNlRYRFVMdFVKeWlCQ0NXMX5B&google_push=AZmPxg_MsUr4-dJVFW3vyO52gmb5710Mcu9sYk2HzpHKRcwuP01XFEpp8cBTRJl09-8ysEQyjOZCrYdjgmO0hhSYA-SQtI60a_EZlQ
date
Fri, 14 Oct 2022 16:57:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 6D39
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN7pMzgL_ikk7HVEav53v1w&google_cver=1&google_push=AZmPxg-yQRw-1xQYgsTdIjdJkONGn7kPpVsRY9tDKluY3tbLpWu48EAOr14OlqYipFx_j3hZGaEP0vK1BXg...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-yQRw-1xQYgsTdIjdJkONGn7kPpVsRY9tDKluY3tbLpWu48EAOr14OlqYipFx_j3hZGaEP0vK1BXgoG5WK7B666gIS55Vq
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6D39 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9S-LgtkhBDj0eA_h3fpgWNI8f1SzyunzodTec_rrJchAdJG0aAdlDz1oHg_PFHDFZjFqDaY4
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame 6277 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECxW-Wl8zN3UpfEexTT3QGc&google_cver=1&google_push=AZmPxg-u22j0HggJsgUcu3z9IWEpirqBVyRn-JaOxqNmGWstUWsV1FZWNDJ3N_6x9Gg2OrzL96jGD6SoWCvkEI9o2yV2a9N3pCdC
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6277 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFrytVKOVRjEmg949KXxUZw&google_cver=1&google_push=AZmPxg_lnuLVQ55FCkwEHidYjEtjrRbIQSFi9oauhE7p20rXy-FDwUX45UiGD5By52wV_J5KWwIByu6w1lNQOtw0_tDKbvyk1B26vg
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 14 Oct 2022 16:57:38 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 6277
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHWG71cwLTA_M5srkInbfNM&google_cver=1&google_push=AZmPxg9skXU30saz8l11R6dNCm90K04ivFlMSMiB5HQZv3cquYgdj4UosPBX4B0IGVUDPGEStb4imOXXjXe...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg9skXU30saz8l11R6dNCm90K04ivFlMSMiB5HQZv3cquYgdj4UosPBX4B0IGVUDPGEStb4imOXXjXepl68WbY1ICdRyrdDkFg&google_hm=ekImPyRxQD2v_-B1Ke...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg9skXU30saz8l11R6dNCm90K04ivFlMSMiB5HQZv3cquYgdj4UosPBX4B0IGVUDPGEStb4imOXXjXepl68WbY1ICdRyrdDkFg&google_hm=ekImPyRxQD2v_-B1KexuuJM
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:38 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg9skXU30saz8l11R6dNCm90K04ivFlMSMiB5HQZv3cquYgdj4UosPBX4B0IGVUDPGEStb4imOXXjXepl68WbY1ICdRyrdDkFg&google_hm=ekImPyRxQD2v_-B1KexuuJM
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6277
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMM8X_au0adVeahfM0AT7zo&google_cver=1&google_push=AZmPxg8k1lEeatnsEjKmJ3msTCpxcwIDYLD4zH_K_5Igc49SFWmnb7lBWrN6uhGqrGlUrsj2xQLH6bRjFIcFHs...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDQxMzMyMzE4MjE0MzY0Mw%3D%3D&google_push=AZmPxg8k1lEeatnsEjKmJ3msTCpxcwIDYLD4zH_K_5Igc49SFWmnb7lBWrN6uhGqrGlUrsj2xQLH6bRjFIcFHs0kha...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDQxMzMyMzE4MjE0MzY0Mw%3D%3D&google_push=AZmPxg8k1lEeatnsEjKmJ3msTCpxcwIDYLD4zH_K_5Igc49SFWmnb7lBWrN6uhGqrGlUrsj2xQLH6bRjFIcFHs0kha4htbC_tZop3w
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDQxMzMyMzE4MjE0MzY0Mw%3D%3D&google_push=AZmPxg8k1lEeatnsEjKmJ3msTCpxcwIDYLD4zH_K_5Igc49SFWmnb7lBWrN6uhGqrGlUrsj2xQLH6bRjFIcFHs0kha4htbC_tZop3w
Date
Fri, 14 Oct 2022 16:57:39 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 6277
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBJNA-3_-s1-zzUtGupbbLw&google_cver=1&google_push=AZmPxg9hlJY52xGWl_xlUG7tRkN3YbAhXDygVGMrG-x8YQH_akA0DARGhm1DusabFg3_vQiAEmbcY9G0...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBJNA-3_-s1-zzUtGupbbLw&google_cver=1&google_push=AZmPxg9hlJY52xGWl_xlUG7tRkN3YbAhXDygVGMrG-x8YQH_akA0DARGhm1DusabFg3_vQiAEmb...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc5NDc2NDY2MjQ4MTY4MjQ4Ng&google_push=AZmPxg9hlJY52xGWl_xlUG7tRkN3YbAhXDygVGMrG-x8YQH_akA0DARGhm1DusabFg3_vQiAEmbcY9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc5NDc2NDY2MjQ4MTY4MjQ4Ng&google_push=AZmPxg9hlJY52xGWl_xlUG7tRkN3YbAhXDygVGMrG-x8YQH_akA0DARGhm1DusabFg3_vQiAEmbcY9G0gEmA0OWCjc4Ty6hhpxnTiQ
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc5NDc2NDY2MjQ4MTY4MjQ4Ng&google_push=AZmPxg9hlJY52xGWl_xlUG7tRkN3YbAhXDygVGMrG-x8YQH_akA0DARGhm1DusabFg3_vQiAEmbcY9G0gEmA0OWCjc4Ty6hhpxnTiQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6277
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAxWRHfKMKemHvvJ6TfSwZk&google_cver=1&google_push=AZmPxg8_zi1vX94_ea8GCGyWEAVArexHNx9uzZXwUPWelAmwcWv7h0sgOMDB-weeedBQfWP9fdODGflTBjKXdnPGwMG2BbLQWb...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8_zi1vX94_ea8GCGyWEAVArexHNx9uzZXwUPWelAmwcWv7h0sgOMDB-weeedBQfWP9fdODGflTBjKXdnPGwMG2BbLQWbl...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY1NDgzOTQ4NDQ1NzUwNjc1MTg4Mw%3D%3D&google_push=AZmPxg8_zi1vX94_ea8GCGyWEAVArexHNx9uzZXwUPWelAmwcWv7h0sg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY1NDgzOTQ4NDQ1NzUwNjc1MTg4Mw%3D%3D&google_push=AZmPxg8_zi1vX94_ea8GCGyWEAVArexHNx9uzZXwUPWelAmwcWv7h0sgOMDB-weeedBQfWP9fdODGflTBjKXdnPGwMG2BbLQWbl9IA
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY1NDgzOTQ4NDQ1NzUwNjc1MTg4Mw%3D%3D&google_push=AZmPxg8_zi1vX94_ea8GCGyWEAVArexHNx9uzZXwUPWelAmwcWv7h0sgOMDB-weeedBQfWP9fdODGflTBjKXdnPGwMG2BbLQWbl9IA
date
Fri, 14 Oct 2022 16:57:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 6277
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN7pMzgL_ikk7HVEav53v1w&google_cver=1&google_push=AZmPxg8z4wx6CEHWPn6f8q-MtHPQJ6t-CaIzKGNyHAoSBOUhhJH0UJZbu_GScHrmaDSZs5lOWR8dbEes5P8...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8z4wx6CEHWPn6f8q-MtHPQJ6t-CaIzKGNyHAoSBOUhhJH0UJZbu_GScHrmaDSZs5lOWR8dbEes5P8kEwG14Qkaw8cr9s9Zcyw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6277 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQ00E-R5e_Zf6nXSoCMVAOU2kgXSOqWuxzynTY0G8N9C4XFyYNhK2XVte2fiAnupvntWb4sQ
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5BB4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
6866
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 15:03:13 GMT
expires
Sat, 14 Oct 2023 15:03:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9E4D 		783 B
538 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e8470273a3d17de6e39a19d9edaa1c9ddc05ea5fa99fa10a6e1cbf16119cc2a8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OV3BNI-QBXYk65AhPUZlQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
516
content-security-policy
script-src 'report-sample' 'nonce-OV3BNI-QBXYk65AhPUZlQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 16:57:39 GMT
expires
Fri, 14 Oct 2022 16:57:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4E78 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
166893
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 12 Oct 2022 18:36:06 GMT
expires
Thu, 12 Oct 2023 18:36:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9FD2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
166893
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 12 Oct 2022 18:36:06 GMT
expires
Thu, 12 Oct 2023 18:36:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
300x600.html
s0.2mdn.net/sadbundle/16652350562970762502/ Frame 8317 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
356e3e22149cf8015723f57005155957886eeec7e612ff40985e924a239b3a0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
336839
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2353
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 10 Oct 2022 19:23:40 GMT
expires
Tue, 10 Oct 2023 19:23:40 GMT
last-modified
Wed, 28 Sep 2022 12:44:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A432 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttnS0CkRT-3WULtEnT96RkhTaqf8PJ3q3ygOS3-8Is8EoJt8kDPKCmtdwpi4wcEy6q91biVTb8GYl1AgOaGAkH1Ex7d3e1rqPsqTwAPZ8U3HGXsGgOm_efUiHH4iM7ytY7pt0oozhUdMl1Khn_7M6Bg5zksLY8VaEH6YFdZqFg-vtFZ0OZV50RGv_5FtCnVDZrUUFIU12-ePH0Qwh17XNLmbZUBrxNN8gYvEtPu05tjeUx4jwDiCVwbT1Y86OOB7RiCLWabcHaOJyo5JFUgdz2QPND3iOykL1YCDZnyE2ws5y6Jbx7BeJpN7scUnlOMugYi0_4dxjVj8nI-w59RGQTAlnWtjOYfJZ5csRIs8osbTChTdcqAsVAENi6OWzvPlH7dXt2k2ukoc5AieUvtuGg5AT_iCPDWh4kLrFqMBlbRZei0wr0BZJBWemWWsdCpKCZI_q8rJALsQDSLhqtsD82R9TfpXBQZ8QgAhPudA4FecIMXwo_q2869NiDu0OPbeeGrLvPfeE9iAAY1f9M0QrFBuclwfFbSPxRDYJ54z5Z-MvFyKbUBkDTQqHAYZgqeIJ778MnL7RO6brPPscVjH6hAEDzUkCpY22emwWds_b5u6bUnK8vdfEGvtiUD5Z3K44umwhP-oEte-Rh1e4TyODQfc-_v775JiKYNg3XnDs3bm_5B2zOpzBiyL2YKp-fH_uZ-Yy0jpIAMaAc802GIlp014VLiJbpxyUa3vHTOPktxTsLL7T3Y-J25SIM1bYJrSAE_w2q4K_OyOMnsbq73FcrqNGIZ3yOHv18w2FXG_QfCMqVILTUEpQTFR9OsecftTTaYrHKepQnv9CZccf_lnW1_4HaExrBLrUmjJKoFFE3kNuixrCBarZSME2o8v-A07XeiUl6epINHiEXHfvzKLH6FkmLESuxHNfq2ys5N6ze0FH4X4jltVJNgiNn5YEllW5CfTPcZP2_YUA24l9_YKebh2dH93DgtBWFf7Fjlz9xBk8-9oPVB2-b6qfCeVjqK1R1JfoMnTp0tKQRKK2Op2W18DgbYb5FYf8zRcehp6rT_5nMXONr8IDpYcX_hJzq7qvBIigrwuQb49L9_dvF821GEFY74AWo-h-T2ZitLJYrW8AJGQ8UHTh4JqP975T19qviVGRWggDIsTXe7cYa3vaUhn5uAtyTyQb4eYSSoRkAxvmTpifxD9L1NPq0k0ERJiaK7Tbgrjh3wh0sadJpFl-z3gbDMnja55AM&sai=AMfl-YRjgifBKrlTy7Qfvb1XCJUYCBuHoau7BTurwsoPHqopYi3ryK0GvCTSPfPzMoj9qM6-97oWUGU1PeONozliVu1r6-93gyHPvjFt5S0uH8fmnz_v_m-8WL8JjAlGFo6m1S_dW8qNRXHT5k18K6zAhd3Gh-IMbB7BkQ2ARxEokQ5PWwtjvsmdirVOawV-UAOvFMzB2SEdcHSoXSfRDc_x_ukftHzlzerUIFGBfmGeA-rUGw0BWuVQ5eqNpfClowxsh5fvp977mhU&sig=Cg0ArKJSzCs7rVr1m37OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=249&cbvp=1&cstd=246&cisv=r20221012.72692&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 14 Oct 2022 16:57:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
CR_popcornews.com_BL_NL_PC_Nongoogle_creative.html
s0.2mdn.net/sadbundle/16640814650698498048/ Frame CEDB 		73 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16640814650698498048/CR_popcornews.com_BL_NL_PC_Nongoogle_creative.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7056c2012494810bb1a2cc5ecc8246866856b19329bdeb04e3cc5466d42543e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
94582
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18763
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 14:41:17 GMT
expires
Fri, 13 Oct 2023 14:41:17 GMT
last-modified
Mon, 24 Jan 2022 08:38:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2682 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFBAUKW8c017e-dTcjJadtvriHlT7bGutWfetR6zC71qNOSr4yGUqZJQsG-Z90iYKi-fx2NL2LW36pMpGJ7_WLQCPjFXAw-GllQEM82qARvVwpyux1Nh7f8naqarkXjjRfEYMfYlvd1LrOHjP4lCLxG9t7ZAsQLUmpwVjO05BVuYWRBZo3j6u2XOcnkv93ay2lYDTswxbPnRJ3WIKO3EFHKjrZ_u-RxBhKutdRlKqF3DaLnYWfdteOY56K_Ww3v6n6GEqiaMDTf1tEIBDbc0asQ6HUisYguDpjT5sH5K9xLo6MtjV0Gg6Qt3eLwiPwFpEhWQF-ptPSBBZ8Y2zX_s6YEyRJWsitkKV9HlQVZ_e5p4liMliQTXWUEBCFet5D_RorNQoKZ9EX-OEU34_fpCjxJMJtOFC4VjBeJR2Nw26gmB-fsT98wFX_-71zbqKTk026IsJ3t6m5kcotYgBkY_UXq5QL3V9q-7NWbUoR4fURxEGcXr1Iv2mgejZ2GiXGEa1FdHf1EgTTSGEtkMoC6Rq_2XUrNAg7HzN6AMpUo5i0KyHByxp0uL_ZDsT5bz-r7axoWFFELk0H1vRSuYfQ3cgd4U3gRaj71YkKTRpx5teKLNxZTsP9O5cDCeWMwSsFbZA248_iZdJUNl1B1O0V6jQWBSNS1p8xyIsOjDA8rsblX-RjQextP3CV0hcoNlhjMbDXOAxzQLmZcl3avJrKUEpDUQbKMWyYKCY6-O46vGzDGaM24qL-uXjb9ybj7JOZFC-2mVWqcYok1wOBwFLQBOpz1GykoHUAth42n9xM8GCEIkBXOGuTicJlcyh0LKXz-R3J5S-4eyIxijm56qUwwbD00XC_bHXdbd_xcB8oF9e4hV__zA8EkWYQ6LbWxwyVDm1Q2EAyUwUnAnnc0edHasw9x5zJkuFHc5l0b9cafrC4unZxbrdyIkysxqGCe7ghlFcUqp68_VzkL2gYd1JFJlC5c48Q0xesw1q8Z-GZ1Cu9kgUkZRtzFZoK_YIsuGdl4TfuG-zuG55qXHidoVMC26bVoJj6_I961sH3jE4nb7RMmkL8PAXlPmbrgAQGUYBJklXsUh5r7elNwRi5TgmAfva7mzi6wxo1E57rm6mMz4MijSqOaBrlUzo9QjCy5p_QzrBREfnSfxwKJ6GKmQNM1TSFTJdfHZaUEm6ZQWjbqRVESq2KpXJotmQmAaOac6r_ZM0DE7EGhBFg-pwl40JKHrK6QyIuen7u6OofhX4J8HR57Pelh5iqpzbsZJx3rqq2mSEx_SYNdieQi0iNyqv97npcAjuj&sai=AMfl-YTpQpPi3uF2-r0pKT7xelMD08AYdWi0F4TCLOef9J1NCvQZP8nzi4wn03romRf65doa_HTQXusN8DkFGp2S0oGUx1VqE0T0wekwv8lchtWvY4M-h25r_VFjQSBsoDfoJP924WLckxhZJCKLNXYBhh5TtcfiDmj4INcPRJuWcNot8E9DdfSrOg0FDrFBsM1cLUH_qnggHufVnpoPMuQGt8QZieVr3oeXx2tiX3KfLj0bawBqKU9Y-TiHAJijT5pinC0xvu80nPg&sig=Cg0ArKJSzGUjFYnnmhCwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=253&cbvp=1&cstd=250&cisv=r20221012.47964&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 14 Oct 2022 16:57:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
pagead2.googlesyndication.com/bg/ Frame 4E78 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15800
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:59:03 GMT
ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
pagead2.googlesyndication.com/bg/ Frame 9FD2 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15800
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:59:03 GMT
ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
pagead2.googlesyndication.com/bg/ Frame 5BB4 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15800
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:59:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9E4D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101301&jk=4066056206167240&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame CEDB 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16640814650698498048/CR_popcornews.com_BL_NL_PC_Nongoogle_creative.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
515563c93d8f56d0cb8e18cb4a1ee55aca2543f8f78822d96f479ca7f8c991f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Oct 2022 16:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Oct 2022 15:17:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Oct 2022 16:57:39 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame CEDB 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16640814650698498048/CR_popcornews.com_BL_NL_PC_Nongoogle_creative.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16640814650698498048/CR_popcornews.com_BL_NL_PC_Nongoogle_creative.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 21:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70487
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Oct 2022 21:22:52 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8317 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Oct 2022 16:57:39 GMT
300x600.js
s0.2mdn.net/sadbundle/16652350562970762502/ Frame 8317 		408 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
235bf55e42b6d23d8d0ccdf6a3493d0e0a7b0c167386e9ad8e3011ee6cd27985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 22:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326067
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67975
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:44:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 22:23:12 GMT
generate_204
tpc.googlesyndication.com/ Frame 5BB4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nhm-aw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Finger.png
s0.2mdn.net/sadbundle/16652350562970762502/images/ Frame 8317 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16652350562970762502/images/Finger.png
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b702f434be5f6508e6b38e25fc3f5aa958e9f9cbca8ed72d970fc5888770912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 06:43:37 GMT
x-content-type-options
nosniff
age
36842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1577
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:44:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Oct 2023 06:43:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A432 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttnS0CkRT-3WULtEnT96RkhTaqf8PJ3q3ygOS3-8Is8EoJt8kDPKCmtdwpi4wcEy6q91biVTb8GYl1AgOaGAkH1Ex7d3e1rqPsqTwAPZ8U3HGXsGgOm_efUiHH4iM7ytY7pt0oozhUdMl1Khn_7M6Bg5zksLY8VaEH6YFdZqFg-vtFZ0OZV50RGv_5FtCnVDZrUUFIU12-ePH0Qwh17XNLmbZUBrxNN8gYvEtPu05tjeUx4jwDiCVwbT1Y86OOB7RiCLWabcHaOJyo5JFUgdz2QPND3iOykL1YCDZnyE2ws5y6Jbx7BeJpN7scUnlOMugYi0_4dxjVj8nI-w59RGQTAlnWtjOYfJZ5csRIs8osbTChTdcqAsVAENi6OWzvPlH7dXt2k2ukoc5AieUvtuGg5AT_iCPDWh4kLrFqMBlbRZei0wr0BZJBWemWWsdCpKCZI_q8rJALsQDSLhqtsD82R9TfpXBQZ8QgAhPudA4FecIMXwo_q2869NiDu0OPbeeGrLvPfeE9iAAY1f9M0QrFBuclwfFbSPxRDYJ54z5Z-MvFyKbUBkDTQqHAYZgqeIJ778MnL7RO6brPPscVjH6hAEDzUkCpY22emwWds_b5u6bUnK8vdfEGvtiUD5Z3K44umwhP-oEte-Rh1e4TyODQfc-_v775JiKYNg3XnDs3bm_5B2zOpzBiyL2YKp-fH_uZ-Yy0jpIAMaAc802GIlp014VLiJbpxyUa3vHTOPktxTsLL7T3Y-J25SIM1bYJrSAE_w2q4K_OyOMnsbq73FcrqNGIZ3yOHv18w2FXG_QfCMqVILTUEpQTFR9OsecftTTaYrHKepQnv9CZccf_lnW1_4HaExrBLrUmjJKoFFE3kNuixrCBarZSME2o8v-A07XeiUl6epINHiEXHfvzKLH6FkmLESuxHNfq2ys5N6ze0FH4X4jltVJNgiNn5YEllW5CfTPcZP2_YUA24l9_YKebh2dH93DgtBWFf7Fjlz9xBk8-9oPVB2-b6qfCeVjqK1R1JfoMnTp0tKQRKK2Op2W18DgbYb5FYf8zRcehp6rT_5nMXONr8IDpYcX_hJzq7qvBIigrwuQb49L9_dvF821GEFY74AWo-h-T2ZitLJYrW8AJGQ8UHTh4JqP975T19qviVGRWggDIsTXe7cYa3vaUhn5uAtyTyQb4eYSSoRkAxvmTpifxD9L1NPq0k0ERJiaK7Tbgrjh3wh0sadJpFl-z3gbDMnja55AM&sai=AMfl-YRjgifBKrlTy7Qfvb1XCJUYCBuHoau7BTurwsoPHqopYi3ryK0GvCTSPfPzMoj9qM6-97oWUGU1PeONozliVu1r6-93gyHPvjFt5S0uH8fmnz_v_m-8WL8JjAlGFo6m1S_dW8qNRXHT5k18K6zAhd3Gh-IMbB7BkQ2ARxEokQ5PWwtjvsmdirVOawV-UAOvFMzB2SEdcHSoXSfRDc_x_ukftHzlzerUIFGBfmGeA-rUGw0BWuVQ5eqNpfClowxsh5fvp977mhU&sig=Cg0ArKJSzCs7rVr1m37OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=605&vt=11&dtpt=356&dett=3&cstd=246&cisv=r20221012.72692&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame CEDB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 23:09:50 GMT
x-content-type-options
nosniff
age
323269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 23:09:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CEDB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 13:27:29 GMT
x-content-type-options
nosniff
age
12610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Oct 2023 13:27:29 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CEDB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 16:44:52 GMT
x-content-type-options
nosniff
age
346367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 16:44:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E78 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz-XZApVJY4iUOZKfgAfOxr74BAAAAAA4AeAEAg&bg=!ra6lrurNAAYeOJy_Pjg7ACkAdvg8Wos7YVubwZ5sUem9oIo6M7r7M65vWlYqvXlXfkS39YiYCRqZqwIAAAD8UgAAAAJoAQeZAu41F88NNvCmk9mo-Y5pJY94agn5pK2lhd9RJ8PqiL2CqGNZyjwdCcOa0DIRjw1Wd56kqgWZLTrAjp0HmdfZVqqqF7UQpGinb--AWNHK8l25aaYgnNvig45eTzUsUwcBO4oX4l6x_eZEjI3G3BGOCyqmWsHfbPIdhT8R1PZdo_8FFjgpJB2HxLP737sP1mvb57cgIx_YoAqr-8ImRDQEFnB32LZE3OA1ivvah6YtWwmifedkjSC63lBgd0vXpkXX0u7d5EAUq0Y75R1SBeN10t7jWdICnA3vxSqNs794eY3zSTyRmAf0hI0vik7rmqAYjaiwMcCPXGtOoSavzz6EkldbFxeaIsdllI6bgFIPNWUGF4ko55A9ZX7WEa0qUc621P0WsY6s6kJDr8r8xi1vKungwAwMhzP9qMUG4XJ5V9oVIjvtsm9rpGdC1aXiwhUyLkvo1Lmagj4KCktV-xGu86qQnGqVamA4fdwI5jGxvv2DFi5Spf0rw29lsTrCBbNhCeEXhEk0YUeLffqiEq0hGqY8G-iklaFoFmRB68onaIBtVVTb3J02mpRSoD4TV0gZgm1g6nlvhGWQM-11M83XUYnQhvl79kurTvjb0Fx99OPLkNI-tcWXWANKgmhrla2W2pl9KqGHXhfcmTosI4Cb8zy1s0qNbsdLtYXXmrFipgXsPOSo3I2CnYO-gZkdg1nbFf22Epa4hup9mLNu0e7ZTjLLF1Jxo-EvU0UP1dmQUtjgrQeXCUlpMuHa-_iWqb43P1nC068k9fGdRSoheBV5r7tnHg4BkK8XlhzZO_jWtKsj5u4l7761ng4HHiw2Se0wUd5L0ERqQ0oLAKmPPyuwnWozZZ0ZfAbUvmYC6JZtsAEg4_5OWAxa9v6sQhzbOpXoI9TEHxtgCCBN0NTxdinXVGK-_MEeZjrCHspLPG3PrWEKBzpwKIkELOz_WdDmOG2hTrV56g2SIBLxOXNWo1eh3GnK6C-WHkBvpWtCX79VSYk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FD2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZFPqApVJY8SrOfO-9u8Ppu-wkAUAAAAAOAHgBAI&bg=!c3ClcDTNAAYeOJy_Pjg7ACkAdvg8WpGxKy4QoJnZjdBrHfUYvgfeqBkgTlYLCkDvS78QoJgbrLK65gIAAAEAUgAAAAFoAQeZAu8U-JN_HJNABpwIw7AIJ8Dhad7LWa9kJPG0izXAxaG2K5labbNZX2M5bG0kVH5LgM8X1jp7_dN7gR4HPWlromnVRDB3YBaI1WBRn7KWtN8VCgtqEH7rwaghLUJ0rmgrRyBWsN6DAKDAZ1Yp8kDTgkeQcPSBj2Ygr5Yebx0kH1evYk7wl2Idie8ncd0kOl4xj-OyIDVTNO6GRcmWC38-2uxS4F8buQNA2ZwdbSD_z28xJzRQ5nxTzf7ARVlkMdaXGodjdpHh6H3HCNv0MDPajwe8pjxTAicVf6ieBsfsrxWKxe2SSzz2zU8UGFw9KlHcqP5UtuH1PZ83tB3acRLnB_nryDJ2T-7vEU4H72megjdVLph1YzsxKSEwJ5UziwLKGDKBB_TaHljj_tn6RZGe7-R5OikaIw99dTQ9MMiU4AXYrhe4IzSMDnjkL03UoA2Cusqo5EjYdJ_MAKARjMZ0Zdwrd12Buk_xxZvXG9yowxZjsxtywCGhbjLJt09mpZ9j8TmPMTIiYfrzzHq2lMGxGmJipSquvFYrHntgqad0Uyz-WXHE7r9iaKGInu-fKvwsxS7Nu70c_lXjRFAfAqGzpu-VfnPU6SFxqkUNjWSzri_J-1s116eZHF3RCEXF2IA7fcYfY3zQRjor1SPPCMaTL9t-l8-2vwBjhtpoOWb-gcDT4CqAvmDGKAT3QvszZoa4jadQvEp_OMmZZr9ogFTeA7LHo0M78kXUdXL7jgO53bW3IGEGzp5z4U880BLuFUwYVqIVVyi2rNhwSWeaIyGxJhrSFna90nGprXw_UM8-_6WA6ZPDeykmJ_WHJTKxmBThJCVAFUSJkjtDuRqMepDpaaP4tpRhVEqs17RgsRMQQcZSByzkt9CbgKdYgcwTOw95d1EwfAGsSgO84QCGb7tNU6jWr3x8tIlzdoSTEhxhpGdcf7pX1eQ-INISmZD-OornCzDuA8DJ2-P2aCIkux7WrGwxNq7OVmFNN6uONeWzJQvj
Requested by
Host: bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
URL: https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
elin-nordegren-tiger-woods-ex-getty-images-20.jpg
s0.2mdn.net/sadbundle/16640814650698498048/ Frame CEDB 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16640814650698498048/elin-nordegren-tiger-woods-ex-getty-images-20.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16640814650698498048/CR_popcornews.com_BL_NL_PC_Nongoogle_creative.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b185cc4255a9da79b46d897d48f35e74759d04e09367b25455e62a3d1dc360d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16640814650698498048/CR_popcornews.com_BL_NL_PC_Nongoogle_creative.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 14:41:17 GMT
x-content-type-options
nosniff
age
94582
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58507
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 08:38:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 14:41:17 GMT
Girl.png
s0.2mdn.net/sadbundle/16652350562970762502/images/ Frame 8317 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16652350562970762502/images/Girl.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cab8c1c17777ef850d058659ab3d6496408e7dc6ca5351986d3aeafc544bbff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 08:09:26 GMT
x-content-type-options
nosniff
age
31693
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40194
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:44:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Oct 2023 08:09:26 GMT
Hand.png
s0.2mdn.net/sadbundle/16652350562970762502/images/ Frame 8317 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16652350562970762502/images/Hand.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3be64d3b89dff356e60dd39747bae43eceed1fbffc70314267775285db3c412d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:01:39 GMT
x-content-type-options
nosniff
age
316560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8287
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:44:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 01:01:39 GMT
truncated
/ Frame CEDB 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Jar.png
s0.2mdn.net/sadbundle/16652350562970762502/images/ Frame 8317 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16652350562970762502/images/Jar.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
577e9ef72f4152f4979ff8e07d9a41757e18ee8e5265ccab0aba1307bdf147eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 03:22:32 GMT
x-content-type-options
nosniff
age
308107
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8791
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:44:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 03:22:32 GMT
Logo.png
s0.2mdn.net/sadbundle/16652350562970762502/images/ Frame 8317 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16652350562970762502/images/Logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a4531b5ae338d0caaed1274ca3d0d164b3380a204510cc1385d6ac6624bfe07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 16:52:58 GMT
x-content-type-options
nosniff
age
345881
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2600
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:44:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 16:52:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2682 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFBAUKW8c017e-dTcjJadtvriHlT7bGutWfetR6zC71qNOSr4yGUqZJQsG-Z90iYKi-fx2NL2LW36pMpGJ7_WLQCPjFXAw-GllQEM82qARvVwpyux1Nh7f8naqarkXjjRfEYMfYlvd1LrOHjP4lCLxG9t7ZAsQLUmpwVjO05BVuYWRBZo3j6u2XOcnkv93ay2lYDTswxbPnRJ3WIKO3EFHKjrZ_u-RxBhKutdRlKqF3DaLnYWfdteOY56K_Ww3v6n6GEqiaMDTf1tEIBDbc0asQ6HUisYguDpjT5sH5K9xLo6MtjV0Gg6Qt3eLwiPwFpEhWQF-ptPSBBZ8Y2zX_s6YEyRJWsitkKV9HlQVZ_e5p4liMliQTXWUEBCFet5D_RorNQoKZ9EX-OEU34_fpCjxJMJtOFC4VjBeJR2Nw26gmB-fsT98wFX_-71zbqKTk026IsJ3t6m5kcotYgBkY_UXq5QL3V9q-7NWbUoR4fURxEGcXr1Iv2mgejZ2GiXGEa1FdHf1EgTTSGEtkMoC6Rq_2XUrNAg7HzN6AMpUo5i0KyHByxp0uL_ZDsT5bz-r7axoWFFELk0H1vRSuYfQ3cgd4U3gRaj71YkKTRpx5teKLNxZTsP9O5cDCeWMwSsFbZA248_iZdJUNl1B1O0V6jQWBSNS1p8xyIsOjDA8rsblX-RjQextP3CV0hcoNlhjMbDXOAxzQLmZcl3avJrKUEpDUQbKMWyYKCY6-O46vGzDGaM24qL-uXjb9ybj7JOZFC-2mVWqcYok1wOBwFLQBOpz1GykoHUAth42n9xM8GCEIkBXOGuTicJlcyh0LKXz-R3J5S-4eyIxijm56qUwwbD00XC_bHXdbd_xcB8oF9e4hV__zA8EkWYQ6LbWxwyVDm1Q2EAyUwUnAnnc0edHasw9x5zJkuFHc5l0b9cafrC4unZxbrdyIkysxqGCe7ghlFcUqp68_VzkL2gYd1JFJlC5c48Q0xesw1q8Z-GZ1Cu9kgUkZRtzFZoK_YIsuGdl4TfuG-zuG55qXHidoVMC26bVoJj6_I961sH3jE4nb7RMmkL8PAXlPmbrgAQGUYBJklXsUh5r7elNwRi5TgmAfva7mzi6wxo1E57rm6mMz4MijSqOaBrlUzo9QjCy5p_QzrBREfnSfxwKJ6GKmQNM1TSFTJdfHZaUEm6ZQWjbqRVESq2KpXJotmQmAaOac6r_ZM0DE7EGhBFg-pwl40JKHrK6QyIuen7u6OofhX4J8HR57Pelh5iqpzbsZJx3rqq2mSEx_SYNdieQi0iNyqv97npcAjuj&sai=AMfl-YTpQpPi3uF2-r0pKT7xelMD08AYdWi0F4TCLOef9J1NCvQZP8nzi4wn03romRf65doa_HTQXusN8DkFGp2S0oGUx1VqE0T0wekwv8lchtWvY4M-h25r_VFjQSBsoDfoJP924WLckxhZJCKLNXYBhh5TtcfiDmj4INcPRJuWcNot8E9DdfSrOg0FDrFBsM1cLUH_qnggHufVnpoPMuQGt8QZieVr3oeXx2tiX3KfLj0bawBqKU9Y-TiHAJijT5pinC0xvu80nPg&sig=Cg0ArKJSzGUjFYnnmhCwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=758&vt=11&dtpt=505&dett=3&cstd=250&cisv=r20221012.47964&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2682 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1e0be455dc266b3d0a0622293957ea21bf19d21abccefbce6fdd2314bf54eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5763
x-xss-protection
0
Stuff.png
s0.2mdn.net/sadbundle/16652350562970762502/images/ Frame 8317 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16652350562970762502/images/Stuff.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f298de790d4f6da777081d27276127edc791ee096bf194973acb8f9b97e8d2ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16652350562970762502/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 05:07:19 GMT
x-content-type-options
nosniff
age
42620
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:44:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Oct 2023 05:07:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2682 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 16:57:40 GMT
ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
pagead2.googlesyndication.com/bg/ Frame 3A0E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15800
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:59:03 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 16:57:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2682 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_8pu7k5dxDU9C4RIzWutxbiv0fbkoO_FmU4cM5DAMxNEEqdCEfRoXLYqrGExXwCPf5zJWr5tmb_4VboQJg3qCP3mgj_cVKO2YM9x0kJZqfeiJzSdMqXd0rhnfgG6KtUGzCxkESQ&sai=AMfl-YTPNoowtICwq_Xa61mMUFTVBOxtJtE-hOI2rrDNXbH7TKRFq3989UIWTembO917Ahmc0J4Az87tZHY-_Z1tOcfPt5PDObxfkJxq1kgwRGIhvDLG9MzjCA3NQgL8fA&sig=Cg0ArKJSzODTquVk4t5hEAE&cid=CAQSOwCsnQUx-Sk3EaMnT5wJPacetwmeeYzE9l2c7ehIsz-qnEWavsGewAnp0BIMVEVsZfDfuFg6GrloY6XqGAEgDg&id=lidar2&mcvt=1052&p=1020,117,1200,1483&mtos=1052,1052,1052,1052,1052&tos=1052,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3749508852&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665766658731&rpt=419&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101301&jk=4066056206167240&bg=!uLulu__NAAYeOJy_Pjg7ACkAdvg8Wj4gmE2Gu8DDCcDSEOp_a2Yt5FG92FiLKCvziN5M1jlUcTdZ6AIAAAD5UgAAAARoAQcKAG81TldUTE8Qflp4fGliGoioydelxgVixdaTd9NUZkN7xlE30duQVlvRiPzytvptiQVvnL4nWMrcjfTkC68z0WyU3HQ0pZ1wHjVNcN0avVTTn2r1avC5Uok3sOTTG89HpLaG3PKuIg0UiJB0rNFu8u6ZApyEoJ2keTFLlQ7N42KNyafHtQqiEU6mZa39cx1F_hYzSjKt1rwaNPslizmoEuJ_UO42PBNQ21xxtcTbtsjAIkOKYGnJekbprcZ-Q0G2gIDUNqSSXR90XJhkGduU4V2gB6WSXqx_grCPZ7neoE4ELDzm81Per5sfEF8wRH5k2cB9jbxYi9Q6JRCSQtSDzTbYXSEl_oS4kbSRLBntIRb4Gmfc65GwxJXafnglJMMuQbTCrmQBZ57q90nq6Kk0yUG2KqLDl7xF-FFMcD2izU7HHOsvNZrdVojH9DkEcsnx7i_Asehi6FYXUPccG3p6GN3nGCdWfGj_-GEvENmHQUYlP8UfowoWLaTaa-L0MMTE_mxXt-zehiL6YG15ZyBPviBH9G3ib3Fckwt8qvtScs1Ui41QG4vhkBd8ZM9DxefELChScEl_u7bo8xowMseoDu0UupnJ3bWQyXsTV_th3l0lHjteqK2Mr6U8IvoT_JRYlivPtB3rmux98QXrzg9TanUgArmGmacPzsUzG4FGr4lME2ZAgcpqylYpIEc5jv9MfVfnxSyeAJR-E4IHtFWyYuLruj0ZhCEbkYLmj9iB-wRmfKxwpfud60Oq9zfxFjfgpbYFEv43S3uSbkYj2dUTYLle_r1sHVOpwHnJoJgAMyiSRmstKzz8kfttmN1GG59aZSe55fETTbaX21BBU8jW8y4vkLTGfB00D_pv1T6VLSQ7bo-fvQNuuSoGATpx7WuV8q98H_-6dSG1SakWDvBym2Heb-HfeFLzPzlzmU1oXk456Fat5-Vxs9Y9YO7fJ3pJfFiVHTYGY1LLHVSG99gsQp76dWv3Bd0i-QkQ5AvqCSbomiOv2rgxnzgegmP0-lfw0i48i0KUrE8VFK-r1Um0gA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame A432 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXh67q0-UePBehz9uHi9yS8pC-1EAdjLEddE2MIr7XD5CC_G51yGWxV47OzxoFEhkHw39Er8DDtyF_7ywROPAuLywsuwdtlLGgsOTie-bpU41GqIivgkBRDEnxC60hXynkbvbNeg&sai=AMfl-YTZ20WbQynB5-cAH8gnEZr7sTT-kCLg_Gf6UcewZnCGJvIESbXGu2vSS8EBmbBDhKsyTCQ28CyioBE1TEnU4lcIMgfpSDVNtJ3wp8S3835pFbqn7V4zSArErx6JaQ&sig=Cg0ArKJSzKQl881PlbPhEAE&cid=CAQSOwCsnQUx-Sk3EaMnT5wJPacetwmeeYzE9l2c7ehIsz-qnEWavsGewAnp0BIMVEVsZfDfuFg6GrloY6XqGAEgDg&id=lidar2&mcvt=1027&p=945,1263,985,1304&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=952306158&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665766658738&rpt=360&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame C621 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ntn.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 16:57:40 GMT
server
Kestrel
server-processing-duration-in-ticks
1072645
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 16:57:40 GMT
sid
mug.criteo.com/ Frame C621
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ntn.ua&sn=ChromeSyncframe&so=0&topUrl=ntn.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=bwRPaXxTZmFON2twSTg5QlIxcEQwYjd1WnRRRmlubTltNmVEbUFGcStxbEFHaEdUNEhCbHBaeHVGaTZlQjNtNU1NUllrejYwaU5OajJGRVMvQXpiMk9GbFFoTk5sRXRaV2pFNHdMaEYwTmlDb3R2c2Eyb2NDQlhaSjc0Vz...
428 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bwRPaXxTZmFON2twSTg5QlIxcEQwYjd1WnRRRmlubTltNmVEbUFGcStxbEFHaEdUNEhCbHBaeHVGaTZlQjNtNU1NUllrejYwaU5OajJGRVMvQXpiMk9GbFFoTk5sRXRaV2pFNHdMaEYwTmlDb3R2c2Eyb2NDQlhaSjc0VzQvVGZWOGhMQWRUd2luRUdOdU1zZ0dIdVhHUUc3WEYzSmplUXEzTGJ4NmdYcnVWU2h6MWhqZHU2YlUxVUlpZFJ0Q0VvK3JaWFhjUERVOUxSbFd6M0grcmRJSGt6aXVxcEhCTUJjVjk0UXl2NWU3TmlsZ2syZXpudnhxam1QaFY4eGZ1TGxvSFFnYi9JeVhoMkNWbE1WZk1tbG1ZaE9MUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
248b00acc6446900a94f185c75c388a9d5434120f262727dba60d67f51a69c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
6683903
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=bwRPaXxTZmFON2twSTg5QlIxcEQwYjd1WnRRRmlubTltNmVEbUFGcStxbEFHaEdUNEhCbHBaeHVGaTZlQjNtNU1NUllrejYwaU5OajJGRVMvQXpiMk9GbFFoTk5sRXRaV2pFNHdMaEYwTmlDb3R2c2Eyb2NDQlhaSjc0VzQvVGZWOGhMQWRUd2luRUdOdU1zZ0dIdVhHUUc3WEYzSmplUXEzTGJ4NmdYcnVWU2h6MWhqZHU2YlUxVUlpZFJ0Q0VvK3JaWFhjUERVOUxSbFd6M0grcmRJSGt6aXVxcEhCTUJjVjk0UXl2NWU3TmlsZ2syZXpudnhxam1QaFY4eGZ1TGxvSFFnYi9JeVhoMkNWbE1WZk1tbG1ZaE9MUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
724556
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntn.ua%2F&domain=ntn.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ntn.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 14 Oct 2022 16:57:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
550279
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntn.ua%2F&domain=ntn.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=pDhS_Xw4VzMraU1LeCt0VkFCNzN1NUt2NWU2NVE3MW9xNFVMbUh2R1UxaktPWnVEejBQRXk1bjgxNzNtdDQ0dC9xT0FLcTRjdFNEaGR2SkU5empMZzl2OFFxdDBTK1dXL1lmWG5KSFpKc2Y0TWE2cTFjUVRNN3poM3dJRz...
426 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pDhS_Xw4VzMraU1LeCt0VkFCNzN1NUt2NWU2NVE3MW9xNFVMbUh2R1UxaktPWnVEejBQRXk1bjgxNzNtdDQ0dC9xT0FLcTRjdFNEaGR2SkU5empMZzl2OFFxdDBTK1dXL1lmWG5KSFpKc2Y0TWE2cTFjUVRNN3poM3dJRzRjelBSd2lFOHAzWnpNM2dKdGVHT2dWakZ6b25MMEZyRUx4bWJ2RnVGOHVReVBZUHFocGdIUUo1cmhrQ0x3OS9hWmNSVjkvM1hUN2cwM2xUSU05WGx1c1V6TlBwWlAyVFRpaGdEK3NwTnFVWmRLWGV3WjVMVm1lZzlIMXI0RVVEUjE1WHJIUXdSdVRKYW1Hd0hNUmhJSHVqN2tDZnlYUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
518e3547a64db6c3a5859b4ea3eb6053508cef8beccaf936bed08f67170c84a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1368461
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=pDhS_Xw4VzMraU1LeCt0VkFCNzN1NUt2NWU2NVE3MW9xNFVMbUh2R1UxaktPWnVEejBQRXk1bjgxNzNtdDQ0dC9xT0FLcTRjdFNEaGR2SkU5empMZzl2OFFxdDBTK1dXL1lmWG5KSFpKc2Y0TWE2cTFjUVRNN3poM3dJRzRjelBSd2lFOHAzWnpNM2dKdGVHT2dWakZ6b25MMEZyRUx4bWJ2RnVGOHVReVBZUHFocGdIUUo1cmhrQ0x3OS9hWmNSVjkvM1hUN2cwM2xUSU05WGx1c1V6TlBwWlAyVFRpaGdEK3NwTnFVWmRLWGV3WjVMVm1lZzlIMXI0RVVEUjE1WHJIUXdSdVRKYW1Hd0hNUmhJSHVqN2tDZnlYUT09fA&cppv=2
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
735529
content-length
0
expires
0
692.json
id5-sync.com/g/v2/ 		216 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
2931e119fd995555a60c592b7503f2ea35459c72e14b64736025960a33bf4d2c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntn.ua
date
Fri, 14 Oct 2022 16:57:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
csync.loopme.me/ Frame EA71 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75a1db01fb33b7c7-AMS
date
Fri, 14 Oct 2022 16:57:41 GMT
server
cloudflare
usync.html
eus.rubiconproject.com/ Frame 3BBB 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 14 Oct 2022 16:57:41 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame A66B 		666 B
727 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462712/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6f6703f9e886020374adceb1eb1be044d49d70a03f7b73c60c6893530952f86b

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
414
content-type
text/html
date
Fri, 14 Oct 2022 16:57:41 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sd
eu-u.openx.net/w/1.0/ Frame A66B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=34576349-9505-4f00-bf16-ed56c61e0e72
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=34576349-9505-4f00-bf16-ed56c61e0e72
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 14 Oct 2022 16:57:41 GMT
Server
MT3 4539 98cc2da master zrh-pixel-x26 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=34576349-9505-4f00-bf16-ed56c61e0e72
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 14 Oct 2022 16:57:40 GMT
sd
us-u.openx.net/w/1.0/ Frame A66B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=zeMm0sLlItjW5CbdzOQ_3sy0c9PWtCSJyLEJV3-D
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=zeMm0sLlItjW5CbdzOQ_3sy0c9PWtCSJyLEJV3-D
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=zeMm0sLlItjW5CbdzOQ_3sy0c9PWtCSJyLEJV3-D
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame A66B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6794764662481682486
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6794764662481682486
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6794764662481682486
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame A66B 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=96ebb922-b4bd-7cdb-cf5a-60527c2ee80e&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A66B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmE4NDZhZTgtN2RjYS0yMjdmLWRhYmEtM2FlYmI2Y2MyNjZl
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A66B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBuzAMyv1mTL3N37axUTIXk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBuzAMyv1mTL3N37axUTIXk&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBuzAMyv1mTL3N37axUTIXk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pDhS_Xw4VzMraU1LeCt0VkFCNzN1NUt2NWU2NVE3MW9xNFVMbUh2R1UxaktPWnVEejBQRXk1bjgxNzNtdDQ0dC9xT0FLcTRjdFNEaGR2SkU5empMZzl2OFFxdDBTK1dXL1lmWG5KSFpKc2Y0TWE2cTFjUVRNN3poM3dJRzRjelBSd2lFOHAzWnpNM2dKdGVHT2dWakZ6b25MMEZyRUx4bWJ2RnVGOHVReVBZUHFocGdIUUo1cmhrQ0x3OS9hWmNSVjkvM1hUN2cwM2xUSU05WGx1c1V6TlBwWlAyVFRpaGdEK3NwTnFVWmRLWGV3WjVMVm1lZzlIMXI0RVVEUjE1WHJIUXdSdVRKYW1Hd0hNUmhJSHVqN2tDZnlYUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 14 Oct 2022 16:57:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
527516
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 3BBB 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 16:57:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18671
Connection
keep-alive
Content-Length
9421
Expires
Fri, 14 Oct 2022 22:08:52 GMT
tap.php
pixel.rubiconproject.com/ Frame 3BBB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-xgQPgDT9IZMTF4RaG3VjQ?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6421478311693402939
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6421478311693402939
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 14 Oct 2022 16:57:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6421478311693402939
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 3BBB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 3BBB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOU_sv-RuailUF3n5GQK7F4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOU_sv-RuailUF3n5GQK7F4&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOU_sv-RuailUF3n5GQK7F4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3BBB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk4UUdKSU4tWi1GUFpR&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk4UUdKSU4tWi1GUFpR&gdpr=0
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk4UUdKSU4tWi1GUFpR&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3BBB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aVIHGHEVR8eFGbSW6l3d-g&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aVIHGHEVR8eFGbSW6l3d-g&gdpr=0
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aVIHGHEVR8eFGbSW6l3d-g&gdpr=0
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NJ1F23YVFPPP41N9BB57
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aVIHGHEVR8eFGbSW6l3d-g&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 3BBB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cUQY-akBRr-pZ6UnFkMnQw&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=cUQY-akBRr-pZ6UnFkMnQw&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=cUQY-akBRr-pZ6UnFkMnQw&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 16:57:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P6849S4Z583ASM59KWW1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=cUQY-akBRr-pZ6UnFkMnQw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 3BBB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L98QGJIN-Z-FPZQ&gdpr=0
0
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L98QGJIN-Z-FPZQ&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:57:41 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: CCB502826E5B4E80924BDEC761DBAFA6 Ref B: AMS04EDGE1114 Ref C: 2022-10-14T16:57:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrAYYqHMULEzKPXiI8BQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L98QGJIN-Z-FPZQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3BBB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTAxYTY3OWM5MDFhOTE5NjZmNTRjYWU4NDk5ZWZjYzNjODk4MjQzYg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTAxYTY3OWM5MDFhOTE5NjZmNTRjYWU4NDk5ZWZjYzNjODk4MjQzYg&gdpr=0
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:57:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTAxYTY3OWM5MDFhOTE5NjZmNTRjYWU4NDk5ZWZjYzNjODk4MjQzYg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 14 Oct 2022 16:57:43 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=FE2268F44A7E41E68DDFA3EBFA7A3A63&time=1665766663014&location=https%3A%2F%2Fntn.ua%2Fuk%2F&referrer=&is_flash=0&session_id=685671275&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param4=2320&param5=7&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ntn.ua/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 14 Oct 2022 16:57:43 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| respond object| swfobject function| jwplayer function| $jw undefined| _userPlayerReady function| playerReady function| _utils function| _css function| _hide function| _show function| ts_toggle function| fnHasClass function| array_merge boolean| g_tv_filter_type boolean| g_tv_filter_time undefined| g_tv_filter_elements function| tvSetFilterProductType function| tvSetFilterTime function| scrollerSwitch function| CommentFormClass object| commentFormObject object| jQuery181018692599344950334 object| g_images function| preloadImages function| ga_outbound function| printPage string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| VMAP function| __onGCastApiAvailable function| ga object| adt object| googletag object| vmpbjs object| vpb number| device_width object| dataLayer function| fbq function| _fbq function| gtag function| bk_async object| vmpbjsChunk object| _pbjsGlobals object| google_tag_data object| gaplugins number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r function| hideCatfishAd number| tns_already object| tnscm_adn object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut object| ggeac object| google_js_reporting_queue object| google_tag_manager string| GoogleAnalyticsObject object| gaGlobal object| gaData object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt function| idCoreOnReady function| tnsOnStatResult object| IDCore object| __cm object| cm_events undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| Criteo function| CrossDomainStorage object| GoogleGcLKhOms object| google_image_requests object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

61 Cookies

Domain/Path Name / Value
ntn.ua/uk Name: b
Value: b
.adtelligent.com/ Name: vmuid
Value: a59ae39e310cf151
.ntn.ua/ Name: _ga
Value: GA1.2.167208625.1665766658
.ntn.ua/ Name: _gid
Value: GA1.2.2090040133.1665766658
.ntn.ua/ Name: _gat_gtag_UA_157387674_2
Value: 1
.bidr.io/ Name: bito
Value: AAI-rE7GkyoAAB7w_dVigQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.ntn.ua/ Name: _gat_UA-3902239-38
Value: 1
.ntn.ua/ Name: _fbp
Value: fb.1.1665766657929.438015360
ntn.ua/ Name: _pbjs_userid_consent_data
Value: 2024371239917068
.ntn.ua/ Name: _pubcid
Value: 4547867b-1d3a-432c-958c-a8ba1809dbf3
.ntn.ua/ Name: __gfp_64b
Value: wVd764c9CMRkOFz53C1iM_xfJagY4jistMxCQAp89Ar.n7|1665766657
.mfadsrvr.com/ Name: tuuid
Value: a44a9126-976d-4c9f-93a2-90f02ddf8c85
.mfadsrvr.com/ Name: c
Value: 1665766658
.mfadsrvr.com/ Name: tuuid_lu
Value: 1665766658
a4p.adpartner.pro/ Name: apuid
Value: 9591dedf-1120-4045-8ea4-e2d33ba3b18c
.mfadsrvr.com/ Name: ssh
Value: !adtelligent,1665766658
.ntn.ua/ Name: __gpi
Value: UID=00000b72b59dadd3:T=1665766658:RT=1665766658:S=ALNI_MbZ8I9sXRUdCTO1xxCK8DiGm8mBqg
.hit.gemius.pl/ Name: Gtest
Value: KlSIMRaGQMQGtBOf47n8eEFissGMXP8c25nSGYwlYELIXBG.
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: FewZvBZHKUEV7PtlSw6yzYIl
.openx.net/ Name: i
Value: 4547867b-1d3a-432c-958c-a8ba1809dbf3|1665766658
.rubiconproject.com/ Name: khaos
Value: L98QGJIN-Z-FPZQ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpoJXJ5S4/y8+fhqFI7AU9U903mtsHdljAvSS9iaIW8fDcyTHkMzt2pj1ZvYpPUliAcHHmv29zUs0PIHI3a0fHR
.hit.gemius.pl/ Name: Gdyn
Value: KlQUPRXGQMQGtBOf47n8eEFissGMXP8c25nSGYwlYELIFRxSG7RrGS6GN9FBFlM1YH8PlexaG0F6Sssa
.adtelligent.com/ Name: a736011
Value: a44a9126-976d-4c9f-93a2-90f02ddf8c85
.adtelligent.com/ Name: a307558
Value: 9591dedf-1120-4045-8ea4-e2d33ba3b18c
.doubleclick.net/ Name: IDE
Value: AHWqTUm8mgSRPez8I_LwEqp8MCRgHV3hCGDC3IpOd3GIJoWZqO3WBCtUgKxZ4mRvm6g
.ntn.ua/ Name: __gads
Value: ID=17b244608948b6dc:T=1665766658:S=ALNI_MaUXYPBSIO7an0aYdQCHjeAU6gvlA
.casalemedia.com/ Name: CMID
Value: Y0mVA70QpDBDEc1OCq6wqgAA
.casalemedia.com/ Name: CMPS
Value: 3304
.casalemedia.com/ Name: CMPRO
Value: 3304
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaRonjNb!@wnfH8K6pQK`!5=E<*L5>xj'4=:b:.z:bQj5#wv1JlI4bMdcg@Q7[k_@>zZ%nugO%v4VB%nms7)s95e
.ctnsnet.com/ Name: cid_7a42263f2471403dafffe07529ec6eb8
Value: 1
.ctnsnet.com/ Name: gid_CAESEHWG71cwLTA_M5srkInbfNM
Value: 1
.3lift.com/ Name: tluid
Value: 3654839484457506751883
.adfarm1.adition.com/ Name: UserID1
Value: 7154413323182143643
.quantserve.com/ Name: mc
Value: 63499503-44674-57da8-d6b3a
.yahoo.com/ Name: A3
Value: d=AQABBAOVSWMCEFFXHEctahlbAkc4FmBCMUcFEgEBAQHmSmNTYwAAAAAA_eMAAA&S=AQAAAqTdjOu5p7ZtVQ0vpdyZxmg
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9383c857-7f26-445f-a1e1-7af445270f09-003%22%7D
.adnxs.com/ Name: uuid2
Value: 3423944433257206332
.adform.net/ Name: C
Value: 1
.360yield.com/ Name: tuuid
Value: 179033b3-0a17-47d8-ad07-b4c1c3c21314
.360yield.com/ Name: tuuid_lu
Value: 1665766659
.de17a.com/ Name: guid
Value: 1.805723818778715135
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~27ps
.casalemedia.com/ Name: CMTS
Value: 1189
.adform.net/ Name: uid
Value: 6794764662481682486
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9383c857-7f26-445f-a1e1-7af445270f09-003%22%7D
.criteo.com/ Name: uid
Value: 6e57ed02-369e-47f7-b506-021ad1338218
.openx.net/ Name: pd
Value: v2|1665766661|gekin0vNiygu
.quantserve.com/ Name: d
Value: EFUBDwGqJ4EPisMA
.mathtag.com/ Name: uuid
Value: 34576349-9505-4f00-bf16-ed56c61e0e72
.ntn.ua/ Name: cto_bundle
Value: lcMT518lMkIlMkJ1N2VudFVpV0hDRiUyRlZVSUJHNXVOUVpXVEh5NElyR1FUNll2M3VmZGZmOWRkdlgxdHkxcFgzbHhuU1VueWxMRDNFOHpjSXp4UzFtUlJkZXFGcnJBbXRpJTJCJTJGd0V2ZzM5QmpkSk5kbllma0RFUHFzV1psOUJXU09PbjBBZ0V6JTJGaUhIOGtXRWZNb2Q2TVZmcFZFeHl0TVElM0QlM0Q
.ntn.ua/ Name: cto_bidid
Value: nVLwal9qMXlvUmVldmxhcmtyMGl0cmJtZGhDUnZvTSUyRkJPYnM2NGJIaVYxMVlRQVppNEZUZTJ2SHNKR2tudU5MaVQwYThlTUw0ZGtrM3ZYZW1HNyUyRnpmc2NuSXZkQkZteGswZURWTThtQVZBd0ttRGslM0Q
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&85bfa912-d3fa-4f09-8bd5-82585019d58d"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjU3NjY2NjE7MjswMjHNfBbZfOaHoXByxM5QPWMUg45VtFnBf2jyqAFhh0G+fw==
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665766661:t=1665853061:v=2:sig=AQGEacDzsQY50xYBwMBt5Xnsf--oAa1u"
.amazon-adsystem.com/ Name: ad-id
Value: AwIGikLWH0l6hRsysMx3r8o

3 Console Messages

Source Level URL
Text
rendering warning URL: https://ntn.ua/uk/(Line 39)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network error URL: https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
aax-eu.amazon-adsystem.com
adservice.google.com
adservice.google.nl
adtelligent-d.openx.net
ap.lijit.com
bee8e70ee29af3e8a9ef4848720098fe.safeframe.googlesyndication.com
bidder.criteo.com
c.bigmir.net
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csync.loopme.me
d.adtelligent.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
gcm.ctnsnet.com
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.bigmir.net
ib.adnxs.com
id5-sync.com
inter.ua
juke.mmi.bemobile.ua
ls.hit.gemius.pl
match.360yield.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
ntn.ua
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
px.ads.linkedin.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s0.2mdn.net
scontent.xx.fbcdn.net
securepubads.g.doubleclick.net
source.mmi.bemobile.ua
sslpagestat.mmi.bemobile.ua
stags.bluekai.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.1rx.io
sync.adtelligent.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tags.bkrtx.com
token.rubiconproject.com
tpc.googlesyndication.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
141.95.98.65
142.250.186.34
146.59.30.96
15.197.193.217
172.217.23.98
178.250.0.157
178.250.0.165
18.156.0.31
185.184.8.90
185.29.132.241
185.80.39.216
185.89.211.84
193.239.68.97
193.239.71.100
194.247.175.19
194.247.175.23
194.247.175.25
2001:4860:4802:36::178
213.155.156.168
213.19.147.44
216.52.2.39
23.205.235.133
2602:803:c003:200::41
2606:4700:3038::6815:e9e1
2606:4700::6810:7caf
2606:4700::6813:ad6c
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:400c:c1b::9a
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:13::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3602:9a19:4aca:1a41:e6f4
2a06:98c1:3120::3
2a0c:5c81:5120::2
2a0c:5c81:5142::2
34.98.64.218
35.156.3.122
35.186.193.173
37.157.4.25
45.133.44.3
51.83.220.94
51.89.9.253
52.19.188.75
52.46.155.104
52.48.190.42
52.94.220.185
54.37.238.28
62.149.1.122
66.155.71.25
69.173.144.165
69.192.160.219
76.223.111.18
85.114.159.93
96.16.135.39
03002f285167bb5b5904202b949a6c51680fa72b72e9ebf1de3c203a99d1b4bb
0326a9b3b7474d52cb6d04bbe07fc6609e991addcf5cc83696e319d67f172c34
05d7b718b14633236a482ade1982ae74c25d2cfe73a43ca3e39840f6f093d71d
0740b05ecb18441227c60d9bc57edb4c929db0e8c3cc2b5e9cc848139bb223e2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1a4531b5ae338d0caaed1274ca3d0d164b3380a204510cc1385d6ac6624bfe07
1a63ae8451325ac53bd3ef756cbd88ed3a8148e3fb30d05938c99e222d3bb889
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
1b702f434be5f6508e6b38e25fc3f5aa958e9f9cbca8ed72d970fc5888770912
1c59d202cf8baa1dd433ecd9e8d4700103b2b811d08609da1f9d4c57712d7adf
1cab8c1c17777ef850d058659ab3d6496408e7dc6ca5351986d3aeafc544bbff
1d6490f44a2180305b547c102812f520f01fb334f167db4091c1816b66166b9e
1e397c6cd24daa8a7e13da7070338bfdf7a121a1454b3964d49c13e398afeb8d
1e881bee4968ea66e5abe34de441febc430ac61686c0706ce72cd5b99cf610e6
208b56903dbc6fb3b430a26c64a0f86260c4c8bed20720312cc160c2536cc9a2
21c200b1b299a7327215beb7d700b4e38a31ed69be571ada397822d709326d6b
235bf55e42b6d23d8d0ccdf6a3493d0e0a7b0c167386e9ad8e3011ee6cd27985
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
248b00acc6446900a94f185c75c388a9d5434120f262727dba60d67f51a69c8a
249d35ebda91a9c5cd310af1816cc46e9806dd646cb541345897fff86ad4f99a
27ddc909a924fa13e1c92c061f1efc24eb5851a8679a49b6d1cbf5b52a30bb1b
2931e119fd995555a60c592b7503f2ea35459c72e14b64736025960a33bf4d2c
2944c3024e13444318267d493ee7dba4e4679744a51116229953c4d7c3866a43
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3b0f142a30ab19960dca2f3dc2d4bc1057d12868f092f859930c7fe665a2c0
344eb38594dce12c6338a5ea805448773c1e99100dc8df459bc44d3b3b337a80
356e3e22149cf8015723f57005155957886eeec7e612ff40985e924a239b3a0b
381366d818edd69e678d1d5c919d91774a00458f48e8c5f477d30727a52af8b1
3834ae4e6f5e939900a4d4740c747805c4b0a0b3de2a11bf9eed90966c6e316c
3abe1d50aafde6d03b75351af751ef980dd9d02e1318dd18a62dcf918cea661f
3be64d3b89dff356e60dd39747bae43eceed1fbffc70314267775285db3c412d
3d5f9fc516a9901a8fee7522baca3e62b77da8e63ede0066484bbe6c0bcfa9b1
3d71acaeae9ad6820144dd16ceee3b5445bc20e70072ce10deeb9cc5781cf85c
3d9cff4c8d0927aa9d57a767a0efea7094bdbb6a6eb55219b89114d5c0b304f4
3ee116eab2986f53121655e88036f64581ffe19572dbc05521d14f506adc56fc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412cdf2044788ea49817775c0f2721e23a37d0d703099216f8ad48a7e73ccba4
41b2c8c215be5020e756d8dde6c738ba98ca3a167266a4f708fbb02299771d69
42c988a2ec0f9174ce94ba23912884cc986743792df9dc9b22881d824aad9eca
43bd8a3e10e8f2e3cd87d9eb17c57b835bda7aa6a49a367577aaa9bea014d6f4
457ff2539b88209b8375002f8cbf478a5adcd6cc33a3fa8109474d4300090eed
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
47057a03aed7a53b879618baa1fe40c2cf470e8c6fe84737163ca94c340f9d81
49329619a159bfb35202ea4ee9b2d10cf810983aff0a0e4d987f3ba5e1c1b659
49712020cdf04c0161b3c7d60d9fa6c073388f2ef009bbad6c5edcf123fa707a
4b3e8f6b2a1917f9e6bce54e47051dc88b3270f97710f15a657df2d496a3d144
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca2074fdeec9bd4b9909e99b1c85aadbe318a83e62d99ae8a10a1d3e5aa79c4
4d7f74d151a3e2ca1976ee3049886420f6b85b22c69e18c4e06d8a20ac1e96bd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecd508aad794a6ed4455e1d7c45f43521926fb86909a8cf41d92441e11b8191
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51235696640bceca0a05b98399d39e1d44c369dca5e7a295a07e2d7d9f031985
513761a4f18fc171f5faac77f9588111e06b4c1bb755a19f8214abeed6ba0973
515563c93d8f56d0cb8e18cb4a1ee55aca2543f8f78822d96f479ca7f8c991f6
518e3547a64db6c3a5859b4ea3eb6053508cef8beccaf936bed08f67170c84a3
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e8c619d20bc3f1a22efd0fec83dba0d8bd9e898f0d5847eaff094f0887fad3
561a4d0814fb3525fcd7a0662570193fefce4a028256cb773e490c4b06f0e2d5
56202b9da90fc673469eca5fb60bdd13956a769cb1548aa78e3962c419c7840e
577e9ef72f4152f4979ff8e07d9a41757e18ee8e5265ccab0aba1307bdf147eb
5894efec8f9ae727dc14f30e4ef20c9faf9ea2c86f570a287b061e6b1dd25fde
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
58dfe83deb32d2fa1e80fa2af2e5d14be1fa0fc9bb29edfe5e9f21d438734402
5b185cc4255a9da79b46d897d48f35e74759d04e09367b25455e62a3d1dc360d
5b214f416301eded0275e66341fc28de2c769b31b1aac066b2aa52e79e39a69d
5b7b57e53fee02c97a15aa8ff8be4ed26df2dd422d76b4f70f9866f4efa4ea24
5c1285a4ac2eadeaeb1861f7863adb0a97a0a601308d4247e7e81fd79fc611e8
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5d40bed0a850cc62b9bee0b3f5b56b375369fd77be705d8b7aaea4c52861b1d6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f93ecb194463551254b9939551d09fc56bc0e6b76c31194b122c5cc0f22545
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
6400b298d51a07b76ae017a62d74af08fd20e249b564f7503712362f2c6710ce
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
689061066181e2f80c455652eb892d5f2753f4efe880ac9b8924e305f1952f4c
6a7ee99f99266cdf5847765b824e9703f6b64ca4ef02ba1810dd6f32b5d96e78
6abfd32c062e8acbb76667518bb240df1301525e96e1d8021eb9d4476b742552
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f6703f9e886020374adceb1eb1be044d49d70a03f7b73c60c6893530952f86b
732a9d3f3ad459d02094d4163010c9bf066144eadad685989e90b55d124d8e46
7439c201d635317d134f877d65e6c8c856e11d90a8f9ba0e49fc105646f2fb8b
7664c1ba21942bd39804692046f89a591d6ff83a1b7cc29239a0d7bb5c91953f
7bcc57ca2406f852508d6002c39d75996a862c3e8389d1c63c9a61a42a408485
7d856847402c3364ef3f2a44db48934f52cb1124cdf804f810512a5300bd2824
7e9418a4e8f5f6d1edf0d756d7c5bd856a21dc20a4b1f143ec1e026e6138bc68
8274947f071c5bd9734c5e970df088e184c8f463ca9b72688b43eaeab2d635fe
8474f69f03704ce449247a89aaad4d771ca89e5af0dbbaabfa7d5ba54471d2bc
8653c5b5c85b1ca570a699c16b6769e59f506c039dadfe739a321face9560225
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
88bba9edfe62a220e90be5fe1ba14c9ac751490f500b1e6e5fe25cb2c824c9ea
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ba7fc1dbf2b813f54a1607b24d3787085661ee777eb9ed66197e2673607347e
8bbe2679d44a1fc74827066d51144859932d36f0dcd9e4bbc8c6b72fe5ff3073
8c52f64b8538b61eb70de24754c61aed4119abcde29a8aedeebfa0a32c264138
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
91ea59ec85aa329d6c9935ce6ebc74c6e37add1ab0b6111212410f7230ae701a
92ea97e7efb343bd3a8df00b11901d2306324d5adf2d2761d381813bcac98332
95dd6865cd73589629a72003cfc7a4f4b2af96b6e692a245369ced73ef487f83
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
986416a58791f99bdde0b17c2b78dbdbf1f56de883b0ae0d5081fffedbccb38e
9a7f76fdc1930049302dff8d3cb5e6e0cbfcf8feb6d1b1a06ef16a7445b05111
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a30456069803e789b02e498f563998088b85bf1f3eeac4383c1925c790b150c5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5fc80af241aec02acf796b66c39027b469e8b54fd30519bb773908d3cd1f600
a639ad91b60bb2725eaf72085318ca47bc310f4569bea736c23c8cc347dff956
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a92379341fb4f1f929f52906cbed5f35bc474ad6e0dce7713768bc8d8c156af6
abd8692c0357cdc68904b23a95002546b05b80176508f5f0a6cd4258fce6617f
abe40cfa31540c665cfcef441f51c5456d1ce107208ab6a43e1e5eed00e8359e
afaac8f389e0f0347225f6c0225ee1639ea8adc0439a35135056d6fa2a0ee1b2
b0c4b081ef70f3eb0a934344392df220f0439f91a9b5e8aea93c71dec0beb416
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34e990bcdb512549b66a8703674635168434d960dd725e90285889f1336759e
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4c20df02077c26385577801eb8897f405a95c63d0c26ee24ac3b4e2043f302d
b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
b88414e57f13a0d5675804c8ce82e9ac4b1680358e123baff030c6f2da882f39
bb603e9d8681e4056af140a5d281a3e1da054fe3aabe9949932f8a80456c7fd8
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
c1e0be455dc266b3d0a0622293957ea21bf19d21abccefbce6fdd2314bf54eab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4a6e289ea981b353e88457da65f62626da3a70a2e7e2ddbdcc542a8da491c76
c5e52f40b619e103483256eb589f4f98b4caa8e189e8c57dec9a91fd1a1a5315
ca461714b00b11229550ac5bb7fd32ebcb5380c00c9337f0153d01ddd785eef5
cb9bb1bfa239809a15dbdfe332d3d97459e0b5f0d5b705b95b09ea0f1bc1c9f2
ce04189370ecaa0cc5e3f50d3311f86ef42ea688519a093319460e54e43a9f9b
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09
d2343c85bc2821e75541c4d4d0dcb510c267ebc96baf367af57309de6baae8a5
d295ad9799d17401cc653b47a5c27bd046fe89512861221f1bc6b6738d31a060
d47a846131784dcb7bc4fbecf19edbcbe21b84923063526307a16f082cf966e7
d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3
d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6
d9e2f01c9d2cff4dbc32d2d614259b4c9ac8d47aceb94c67b5b1b11bf4730c4d
da84bce8a2f715182ab131bd1367073145e6807204f213d30048cb20cf6f90de
da97b6661b2a61de0d56e15c069de457fae3f67028c0de1b8fbfce2c2bdfadf7
db60a768c483659f46a67e2959aefa707b55b8b96e99b5faee357a3737d46be9
dd65581b93e9ce19d1bbdaf1e94b4996ca2b0a363bf52e6bcafc2ebe5c0da1b2
dd8d9f66bb6444b64ebdd9c4441c267417d2be60bc7a74806d7c3746cf6109df
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de374484df39f525b35a5a5bc8f64a8c00b3c6d2c95e353bbe077710adc49620
e1ef4c6ee8e9ba88ac805bb20fde15e424eb1b20ecd033bf5d81890038d22254
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5a348371f57afc03cb0fb301990daed6d812024631df2e6602f818193a074cb
e6ac1f56910010e5a93a3093e7847ad5ea43ba9e8bb8ff568b957eff0a2f58da
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7f0d78862e5bf61ae9af1709638702b0e0a078b4fd2cd4119927a1bd2a3f20f
e8470273a3d17de6e39a19d9edaa1c9ddc05ea5fa99fa10a6e1cbf16119cc2a8
e9dd66b4edec6409af2070004b051321b8108390821cec813104035f2271353d
ea880f80a81e709d0deb3a1a8199827cb6cdb365782cdbd7a5aab215da5e413f
eaca0fb0be4c00a5add8575e92bddc641057ee578b8c75641cf8c36018543142
ec72df6977386fcdac6ffbc951289c4f1aea0a2eaef62a83422eb303b32e5bb6
ec9bbb71ee1b207d2f6bf43465b65cdd106320f89567b66abbf07f59a8ca0eb1
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ee553c847b17af2ffc8d1ae1dc81c1fa6c8356246c31bd80e0a470097ec4430e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ddc6ca5f282d4f8aba0b3bbeaa3666bd6b0769ffd70b45d6ae40ad0e4d85f5
f298de790d4f6da777081d27276127edc791ee096bf194973acb8f9b97e8d2ea
f30abd448ec6baaf74984d1575b669ba98dc02a92bf60105b46b1f6a2b454fd8
f4af3262c604d9ca5d1e61f23af267420db3393d18c9a3dcd604548054cbcf7a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6bfea0bfaf58f5379f225a0dd59050f89614fd56b9a2afc495503eaac76caea
f7056c2012494810bb1a2cc5ecc8246866856b19329bdeb04e3cc5466d42543e
f938f11e6a55c8b00af7b96e4e53327f66993145f6cd8b0d0a33ba4434cce584
f9c6f48908ed95c62c11af1eba731178c21d24425b680774370a153bb272edd9
fc14852357bf40d65a11e8278a3a41fdba5a6bb5bab56ba3de7229d159243738
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29
fd794f1dfe14db0d7027596043d9987eb560aba7e210a59a6c24b3b27b029fa4